add more versatile private API for filter escaping

This commit is contained in:
Pierangelo Masarati 2005-11-25 10:41:33 +00:00
parent 4297ec242a
commit 6ab23ef926
3 changed files with 96 additions and 33 deletions

View File

@ -212,6 +212,13 @@ ldap_pvt_find_wildcard LDAP_P(( const char *s ));
LDAP_F( ber_slen_t ) LDAP_F( ber_slen_t )
ldap_pvt_filter_value_unescape LDAP_P(( char *filter )); ldap_pvt_filter_value_unescape LDAP_P(( char *filter ));
LDAP_F( ber_len_t )
ldap_bv2escaped_filter_value_len LDAP_P(( struct berval *in ));
LDAP_F( int )
ldap_bv2escaped_filter_value_x LDAP_P(( struct berval *in, struct berval *out,
int inplace, void *ctx ));
/* string.c */ /* string.c */
LDAP_F( char * ) LDAP_F( char * )
ldap_pvt_str2upper LDAP_P(( char *str )); ldap_pvt_str2upper LDAP_P(( char *str ));

View File

@ -365,53 +365,106 @@ ldap_search_s(
return( ldap_result2error( ld, *res, 0 ) ); return( ldap_result2error( ld, *res, 0 ) );
} }
static char escape[128] = {
1, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
1, 1, 1, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 1, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0
};
#define NEEDFLTESCAPE(c) ((c) & 0x80 || escape[ (unsigned)(c) ])
/*
* compute the length of the escaped value;
* returns ((ber_len_t)(-1)) if no escaping is required.
*/
ber_len_t
ldap_bv2escaped_filter_value_len( struct berval *in )
{
ber_len_t i, l;
assert( in != NULL );
if ( in->bv_len == 0 ) {
return 0;
}
/* assume we'll escape everything */
for( l = 0, i = 0; i < in->bv_len; l++, i++ ) {
char c = in->bv_val[ i ];
if ( NEEDFLTESCAPE( c ) ) {
l += 2;
}
}
return l;
}
int int
ldap_bv2escaped_filter_value( struct berval *in, struct berval *out ) ldap_bv2escaped_filter_value( struct berval *in, struct berval *out )
{ {
ber_len_t i; return ldap_bv2escaped_filter_value_x( in, out, 0, NULL );
static char escape[128] = { }
1, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, int
1, 1, 1, 0, 0, 0, 0, 0, ldap_bv2escaped_filter_value_x( struct berval *in, struct berval *out, int inplace, void *ctx )
0, 0, 0, 0, 0, 0, 0, 0, {
0, 0, 0, 0, 0, 0, 0, 0, ber_len_t i, l;
0, 0, 0, 0, 0, 0, 0, 0, assert( in != NULL );
0, 0, 0, 0, 0, 0, 0, 0, assert( out != NULL );
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 1, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, BER_BVZERO( out );
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0
};
out->bv_len = 0; if ( in->bv_len == 0 ) {
out->bv_val = NULL; return 0;
}
if( in->bv_len == 0 ) return 0;
/* assume we'll escape everything */ /* assume we'll escape everything */
out->bv_val = LDAP_MALLOC( 3 * in->bv_len + 1 ); l = ldap_bv2escaped_filter_value_len( in );
if( out->bv_val == NULL ) return -1; if ( l == in->bv_len ) {
if ( inplace ) {
*out = *in;
} else {
ber_dupbv( out, in );
}
return 0;
}
out->bv_val = LDAP_MALLOCX( l + 1, ctx );
if ( out->bv_val == NULL ) {
return -1;
}
for( i=0; i<in->bv_len; i++ ) { for ( i = 0; i < in->bv_len; i++ ) {
char c = in->bv_val[ i ]; char c = in->bv_val[ i ];
if (c & 0x80 || escape[ (unsigned)c ]) { if ( NEEDFLTESCAPE( c ) ) {
assert( out->bv_len < l - 2 );
out->bv_val[out->bv_len++] = '\\'; out->bv_val[out->bv_len++] = '\\';
out->bv_val[out->bv_len++] = "0123456789ABCDEF"[0x0f & (c>>4)]; out->bv_val[out->bv_len++] = "0123456789ABCDEF"[0x0f & (c>>4)];
out->bv_val[out->bv_len++] = "0123456789ABCDEF"[0x0f & c]; out->bv_val[out->bv_len++] = "0123456789ABCDEF"[0x0f & c];
} else { } else {
assert( out->bv_len < l );
out->bv_val[out->bv_len++] = c; out->bv_val[out->bv_len++] = c;
} }
} }
out->bv_val[out->bv_len] = '\0'; out->bv_val[out->bv_len] = '\0';
return 0; return 0;
} }

View File

@ -301,7 +301,8 @@ static char *build_filter(
unique_data *ud, unique_data *ud,
AttributeDescription *ad, AttributeDescription *ad,
BerVarray b, BerVarray b,
char *kp char *kp,
void *ctx
) )
{ {
unique_attrs *up; unique_attrs *up;
@ -332,9 +333,11 @@ static char *build_filter(
for ( i = 0; b[i].bv_val; i++ ) { for ( i = 0; b[i].bv_val; i++ ) {
struct berval bv; struct berval bv;
ldap_bv2escaped_filter_value( &b[i], &bv ); ldap_bv2escaped_filter_value_x( &b[i], &bv, 1, ctx );
kp += sprintf( kp, "(%s=%s)", ad->ad_cname.bv_val, bv.bv_val ); kp += sprintf( kp, "(%s=%s)", ad->ad_cname.bv_val, bv.bv_val );
ldap_memfree( bv.bv_val ); if ( bv.bv_val != b[i].bv_val ) {
ber_memfree_x( bv.bv_val, ctx );
}
} }
} else if ( ud->strict ) { } else if ( ud->strict ) {
kp += sprintf( kp, "(%s=*)", ad->ad_cname.bv_val ); kp += sprintf( kp, "(%s=*)", ad->ad_cname.bv_val );
@ -440,7 +443,7 @@ static int unique_add(
kp = key + sprintf(key, "(|"); kp = key + sprintf(key, "(|");
for(a = op->ora_e->e_attrs; a; a = a->a_next) { for(a = op->ora_e->e_attrs; a; a = a->a_next) {
kp = build_filter(ud, a->a_desc, a->a_vals, kp); kp = build_filter(ud, a->a_desc, a->a_vals, kp, op->o_tmpmemctx);
} }
sprintf(kp, ")"); sprintf(kp, ")");
@ -492,7 +495,7 @@ static int unique_modify(
for(m = op->orm_modlist; m; m = m->sml_next) { for(m = op->orm_modlist; m; m = m->sml_next) {
if ((m->sml_op & LDAP_MOD_OP) == LDAP_MOD_DELETE) continue; if ((m->sml_op & LDAP_MOD_OP) == LDAP_MOD_DELETE) continue;
kp = build_filter(ud, m->sml_desc, m->sml_values, kp); kp = build_filter(ud, m->sml_desc, m->sml_values, kp, op->o_tmpmemctx);
} }
sprintf(kp, ")"); sprintf(kp, ")");
@ -555,7 +558,7 @@ static int unique_modrdn(
for(i = 0; newrdn[i]; i++) { for(i = 0; newrdn[i]; i++) {
bv[0] = newrdn[i]->la_value; bv[0] = newrdn[i]->la_value;
kp = build_filter(ud, newrdn[i]->la_private, bv, kp); kp = build_filter(ud, newrdn[i]->la_private, bv, kp, op->o_tmpmemctx);
} }
sprintf(kp, ")"); sprintf(kp, ")");