ping
On 10/24/18 10:27 AM, Martijn van Duren wrote:
> In my previous ldap mail I proclaimed that we should encode whitespace.
> Reading rfc2849 a bit further, encoding a string with leading space is
> mandatory by SAFE-INIT-CHAR. This is needed because of the definition
> of value-spec, which allows additional space, colon, and less-than
> after the colon separating the AttributeDescription.
>
> The code below adds these definitions. I also changed the outlen
> calculation because it at least fails b64_ntop on inlen == 1.
>
> OK?
>
> martijn@
>
> Index: ldapclient.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/ldap/ldapclient.c,v
> retrieving revision 1.5
> diff -u -p -r1.5 ldapclient.c
> --- ldapclient.c 23 Oct 2018 08:28:34 -0000 1.5
> +++ ldapclient.c 24 Oct 2018 08:21:27 -0000
> @@ -404,8 +404,13 @@ ldapc_printattr(struct ldapc *ldap, cons
> * in SAFE-STRINGs. String value that do not match the
> * criteria must be encoded as Base64.
> */
> - for (cp = (const unsigned char *)value;
> - encode == 0 &&*cp != '\0'; cp++) {
> + cp = (const unsigned char *)value;
> + /* !SAFE-INIT-CHAR: SAFE-CHAR minus %x20 %x3A %x3C */
> + if (*cp == ' ' ||
> + *cp == ':' ||
> + *cp == '<')
> + encode = 1;
> + for (; encode == 0 &&*cp != '\0'; cp++) {
> /* !SAFE-CHAR %x01-09 / %x0B-0C / %x0E-7F */
> if (*cp > 127 ||
> *cp == '\0' ||
> @@ -421,7 +426,7 @@ ldapc_printattr(struct ldapc *ldap, cons
> }
> } else {
> inlen = strlen(value);
> - outlen = inlen * 2 + 1;
> + outlen = (((inlen + 2) / 3) * 4) + 1;
>
> if ((out = calloc(1, outlen)) == NULL ||
> b64_ntop(value, inlen, out, outlen) == -1) {
>
