Home Explore Help
Register Sign In
Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Bug 572162 - the string "|*" within a search filter on a non-indexed attribute returns all elements.

https://bugzilla.redhat.com/show_bug.cgi?id=572162
Resolves: bug 572162
Bug Description: the string "|*" within a search filter on a non-indexed attribute returns all elements.
Reviewed by: nhosoi (Thanks!)
Branch: HEAD
Fix Description: PCRE interprets the '|' character as the start of
alternative branch.  In the search filter, the other side of the '|' is
empty, which means match everything.  The solution is to escape this and
other PCRE special chars before matching.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
Rich Megginson 15 years ago
parent
0c9d459048
commit
b433e4c852
3 changed files with 9 additions and 5 deletions
Unified View Show Diff Stats
  1. 3 3
      ldap/servers/plugins/syntaxes/string.c
  2. 5 1
      ldap/servers/slapd/filterentry.c
  3. 1 1
      ldap/servers/slapd/proto-slap.h

+ 3 - 3
ldap/servers/plugins/syntaxes/string.c
View File 

@@ -262,7 +262,7 @@ string_filter_sub( Slapi_PBlock *pb, char *initial, char **any, char *final,
 
 	if ( initial != NULL ) {
 
 	if ( initial != NULL ) {
 
 		value_normalize( initial, syntax, 1 /* trim leading blanks */ );
 
 		value_normalize( initial, syntax, 1 /* trim leading blanks */ );
 
 		*p++ = '^';
 
 		*p++ = '^';
 
-		filter_strcpy_special_ext( p, initial, FILTER_STRCPY_ESCAPE_PARENS );
 
+		filter_strcpy_special_ext( p, initial, FILTER_STRCPY_ESCAPE_RECHARS );
 
 		p = strchr( p, '\0' );
 
 		p = strchr( p, '\0' );
 
 	}
 
 	}
 
 	if ( any != NULL ) {
 
 	if ( any != NULL ) {
 
@@ -271,7 +271,7 @@ string_filter_sub( Slapi_PBlock *pb, char *initial, char **any, char *final,
 
 			/* ".*" + value */
 
 			/* ".*" + value */
 
 			*p++ = '.';
 
 			*p++ = '.';
 
 			*p++ = '*';
 
 			*p++ = '*';
 
-			filter_strcpy_special_ext( p, any[i], FILTER_STRCPY_ESCAPE_PARENS );
 
+			filter_strcpy_special_ext( p, any[i], FILTER_STRCPY_ESCAPE_RECHARS );
 
 			p = strchr( p, '\0' );
 
 			p = strchr( p, '\0' );
 
 		}
 
 		}
 
 	}
 
 	}
 
@@ -280,7 +280,7 @@ string_filter_sub( Slapi_PBlock *pb, char *initial, char **any, char *final,
 
 		/* ".*" + value */
 
 		/* ".*" + value */
 
 		*p++ = '.';
 
 		*p++ = '.';
 
 		*p++ = '*';
 
 		*p++ = '*';
 
-		filter_strcpy_special_ext( p, final, FILTER_STRCPY_ESCAPE_PARENS );
 
+		filter_strcpy_special_ext( p, final, FILTER_STRCPY_ESCAPE_RECHARS );
 
 		strcat( p, "$" );
 
 		strcat( p, "$" );
 
 	}
 
 	}

+ 5 - 1
ldap/servers/slapd/filterentry.c
View File 

@@ -663,7 +663,11 @@ filter_strcpy_special_ext( char *d, char *s, int flags )
 
 			break;
 
 			break;
 
 		case '(':
 
 		case '(':
 
 		case ')':
 
 		case ')':
 
-			if (flags & FILTER_STRCPY_ESCAPE_PARENS) {
 
+		case '}':
 
+		case '{':
 
+		case '|':
 
+		case '?':
 
+			if (flags & FILTER_STRCPY_ESCAPE_RECHARS) {
 
 				*d++ = '\\';
 
 				*d++ = '\\';
 
 			}
 
 			}
 
 			break;
 
 			break;

+ 1 - 1
ldap/servers/slapd/proto-slap.h
View File 

@@ -595,7 +595,7 @@ void set_hash_filters(int i);
 
  * filterentry.c
 
  * filterentry.c
 
  */
 
  */
 
 void filter_strcpy_special( char *d, char *s );
 
 void filter_strcpy_special( char *d, char *s );
 
-#define FILTER_STRCPY_ESCAPE_PARENS 0x01
 
+#define FILTER_STRCPY_ESCAPE_RECHARS 0x01
 
 void filter_strcpy_special_ext( char *d, char *s, int flags );
 
 void filter_strcpy_special_ext( char *d, char *s, int flags );