Add utility function to sanitize LDAP/LDB filters

Also adds a unit test.
author: Stephen Gallagher <sgallagh@redhat.com> 2010-10-28 12:12:12 -0400
committer: Stephen Gallagher <sgallagh@redhat.com> 2010-11-15 09:52:34 -0500
commit: ca92350db6ad6ac344181f7b8ec695eda29da675 (patch)
tree: a13639292904be7def057dd21127c768153669f5 /src/util
parent: a476bf85436d8a8195df1693db5b806a9c8f56bd (diff)
download: sssd-ca92350db6ad6ac344181f7b8ec695eda29da675.tar.gz
sssd-ca92350db6ad6ac344181f7b8ec695eda29da675.tar.xz
sssd-ca92350db6ad6ac344181f7b8ec695eda29da675.zip
2 files changed, 63 insertions, 0 deletions
diff --git a/src/util/util.c b/src/util/util.c
index 06eea2837..772a8b73f 100644
--- a/src/util/util.c
+++ b/src/util/util.c
@@ -515,3 +515,55 @@ errno_t sss_hash_create(TALLOC_CTX *mem_ctx,
     talloc_free(internal_ctx);
     return ret;
 }
+
+errno_t sss_filter_sanitize(TALLOC_CTX *mem_ctx,
+                            const char *input,
+                            char **sanitized)
+{
+    char *output;
+    size_t i = 0;
+    size_t j = 0;
+
+    /* Assume the worst-case. We'll resize it later, once */
+    output = talloc_array(mem_ctx, char, strlen(input) * 3 + 1);
+    if (!output) {
+        return ENOMEM;
+    }
+
+    while (input[i]) {
+        switch(input[i]) {
+        case '*':
+            output[j++] = '\\';
+            output[j++] = '2';
+            output[j++] = 'a';
+            break;
+        case '(':
+            output[j++] = '\\';
+            output[j++] = '2';
+            output[j++] = '8';
+            break;
+        case ')':
+            output[j++] = '\\';
+            output[j++] = '2';
+            output[j++] = '9';
+            break;
+        case '\\':
+            output[j++] = '\\';
+            output[j++] = '5';
+            output[j++] = 'c';
+            break;
+        default:
+            output[j++] = input[i];
+        }
+
+        i++;
+    }
+    output[j] = '\0';
+    *sanitized = talloc_realloc(mem_ctx, output, char, j+1);
+    if (!*sanitized) {
+        talloc_free(output);
+        return ENOMEM;
+    }
+
+    return EOK;
+}
diff --git a/src/util/util.h b/src/util/util.h
index e93f6f863..53a6b1c97 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -366,4 +366,15 @@ errno_t diff_string_lists(TALLOC_CTX *memctx,
                           char ***string1_only,
                           char ***string2_only,
                           char ***both_strings);
+
+/* Sanitize an input string (e.g. a username) for use in
+ * an LDAP/LDB filter
+ * Returns a newly-constructed string attached to mem_ctx
+ * It will fail only on an out of memory condition, where it
+ * will return ENOMEM.
+ */
+errno_t sss_filter_sanitize(TALLOC_CTX *mem_ctx,
+                            const char *input,
+                            char **sanitized);
+
 #endif /* __SSSD_UTIL_H__ */
author	Stephen Gallagher <sgallagh@redhat.com>	2010-10-28 12:12:12 -0400
committer	Stephen Gallagher <sgallagh@redhat.com>	2010-11-15 09:52:34 -0500
commit	ca92350db6ad6ac344181f7b8ec695eda29da675 (patch)
tree	a13639292904be7def057dd21127c768153669f5 /src/util
parent	a476bf85436d8a8195df1693db5b806a9c8f56bd (diff)
download	sssd-ca92350db6ad6ac344181f7b8ec695eda29da675.tar.gz sssd-ca92350db6ad6ac344181f7b8ec695eda29da675.tar.xz sssd-ca92350db6ad6ac344181f7b8ec695eda29da675.zip