diff options
| author | Noriko Hosoi <nhosoi@redhat.com> | 2010-09-02 14:15:09 -0700 |
|---|---|---|
| committer | Rich Megginson <rmeggins@redhat.com> | 2010-10-18 10:48:03 -0600 |
| commit | b2921c914b7cd18569c9812dfd27b19e8a57bfe9 (patch) | |
| tree | 95f1f885b8878a5816c7bef1212f4a8e9cfb53ae | |
| parent | 483da62ad4ebc39faf74610f2a6fcfe3334a2b19 (diff) | |
| download | ds-b2921c914b7cd18569c9812dfd27b19e8a57bfe9.tar.gz ds-b2921c914b7cd18569c9812dfd27b19e8a57bfe9.tar.xz ds-b2921c914b7cd18569c9812dfd27b19e8a57bfe9.zip | |
Bug 629710 - escape_string does not check '\<HEX><HEX>'
https://bugzilla.redhat.com/show_bug.cgi?id=629710
Resolves: 629710
Description: do_escape_string (core of escape_string) converts
'\\ (backslash)' to '\5C' even if the following 2 characters are
hex digits. That is, the character is already escaped. This
patch checks the case and if it is, it does not escape it further.
(cherry picked from commit 34c0dfe8e862d86591823004150e777b1e035b6e)
Branch: 389-ds-base-1.2.6
| -rw-r--r-- | ldap/servers/slapd/util.c | 46 |
1 files changed, 30 insertions, 16 deletions
diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c index fccee11c..8d918136 100644 --- a/ldap/servers/slapd/util.c +++ b/ldap/servers/slapd/util.c @@ -73,19 +73,23 @@ static int special_np(unsigned char c) { - if(c < 32 || c > 126) { - return UTIL_ESCAPE_HEX; - } else if ((c== '"') || (c=='\\')) - { - return UTIL_ESCAPE_HEX; - } + if (c == '\\') { + return UTIL_ESCAPE_BACKSLASH; + } + if (c < 32 || c > 126 || c == '"') { + return UTIL_ESCAPE_HEX; + } return UTIL_ESCAPE_NONE; } static int special_np_and_punct(unsigned char c) { - if (c < 32 || c > 126 || c == '*') return UTIL_ESCAPE_HEX; - if (c == '\\' || c == '"') return UTIL_ESCAPE_BACKSLASH; + if (c == '\\') { + return UTIL_ESCAPE_BACKSLASH; + } + if (c < 32 || c > 126 || c == '"' || c == '*') { + return UTIL_ESCAPE_HEX; + } return UTIL_ESCAPE_NONE; } @@ -142,16 +146,26 @@ do_escape_string ( break; } do { - *bufNext++ = '\\'; --bufSpace; - if (bufSpace < 2) { - memcpy (bufNext, "..", 2); - bufNext += 2; - goto bail; - } if (esc == UTIL_ESCAPE_BACKSLASH) { - *bufNext++ = *s; --bufSpace; + /* *s is '\\' */ + /* If *(s+1) and *(s+2) are both hex digits, + * the char is already escaped. */ + if (isxdigit(*(s+1)) && isxdigit(*(s+2))) { + memcpy(bufNext, s, 3); + bufNext += 3; + bufSpace -= 3; + s += 2; + } else { + *bufNext++ = *s; --bufSpace; + } } else { /* UTIL_ESCAPE_HEX */ - sprintf (bufNext, "%02x", (unsigned)*(unsigned char*)s); + *bufNext++ = '\\'; --bufSpace; + if (bufSpace < 3) { + memcpy(bufNext, "..", 2); + bufNext += 2; + goto bail; + } + PR_snprintf(bufNext, 3, "%02x", *(unsigned char*)s); bufNext += 2; bufSpace -= 2; } } while (++s <= last && |