Lines 222-240
Link Here
|
222 |
* LDAP filter metachars are escaped. |
222 |
* LDAP filter metachars are escaped. |
223 |
*/ |
223 |
*/ |
224 |
filtbuf_end = filtbuf + FILTER_LENGTH - 1; |
224 |
filtbuf_end = filtbuf + FILTER_LENGTH - 1; |
225 |
for (p = user, q=filtbuf + strlen(filtbuf); |
|
|
226 |
*p && q < filtbuf_end; *q++ = *p++) { |
227 |
#if APR_HAS_MICROSOFT_LDAPSDK |
225 |
#if APR_HAS_MICROSOFT_LDAPSDK |
228 |
/* Note: The Microsoft SDK escapes for us, so is not necessary */ |
226 |
for (p = user, q=filtbuf + strlen(filtbuf); |
|
|
227 |
*p && q < filtbuf_end; ) { |
228 |
if (strchr("*()\\", *p) != NULL) { |
229 |
if ( q + 3 >= filtbuf_end) |
230 |
break; /* Don't write part of escape sequence if we can't write all of it */ |
231 |
*q++ = '\\'; |
232 |
switch ( *p++ ) |
233 |
{ |
234 |
case '*': |
235 |
*q++ = '2'; |
236 |
*q++ = 'a'; |
237 |
break; |
238 |
case '(': |
239 |
*q++ = '2'; |
240 |
*q++ = '8'; |
241 |
break; |
242 |
case ')': |
243 |
*q++ = '2'; |
244 |
*q++ = '9'; |
245 |
break; |
246 |
case '\\': |
247 |
*q++ = '5'; |
248 |
*q++ = 'c'; |
249 |
break; |
250 |
} |
251 |
} |
252 |
else |
253 |
*q++ = *p++; |
254 |
} |
229 |
#else |
255 |
#else |
|
|
256 |
for (p = user, q=filtbuf + strlen(filtbuf); |
257 |
*p && q < filtbuf_end; *q++ = *p++) { |
230 |
if (strchr("*()\\", *p) != NULL) { |
258 |
if (strchr("*()\\", *p) != NULL) { |
231 |
*q++ = '\\'; |
259 |
*q++ = '\\'; |
232 |
if (q >= filtbuf_end) { |
260 |
if (q >= filtbuf_end) { |
233 |
break; |
261 |
break; |
234 |
} |
262 |
} |
235 |
} |
263 |
} |
236 |
#endif |
|
|
237 |
} |
264 |
} |
|
|
265 |
#endif |
238 |
*q = '\0'; |
266 |
*q = '\0'; |
239 |
|
267 |
|
240 |
/* |
268 |
/* |