Merge branch 'pull-request/1955'

Côme Bernigaud · Côme Bernigaud · commit c53aadbba3d5 · 2016-07-07T05:11:56.000+02:00
* pull-request/1955:
  Add parenthesis to if statements
  Correctly add to the length of the final string
  Correctly add to the length of the final string
  Fix minor spacing issue
  Make LDAP_ESCAPE_DN compliant with RFC 4514
diff --git a/ext/ldap/ldap.c b/ext/ldap/ldap.c
@@ -2826,7 +2826,7 @@ PHP_FUNCTION(ldap_set_rebind_proc)
 /* }}} */
 #endif
 
-static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value, size_t valuelen)
+static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value, size_t valuelen, zend_long flags)
 {
 	char hex[] = "0123456789abcdef";
 	size_t i, p = 0;
@@ -2836,13 +2836,20 @@ static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value,
 	for (i = 0; i < valuelen; i++) {
 		len += (map[(unsigned char) value[i]]) ? 3 : 1;
 	}
+	/* Per RFC 4514, a leading and trailing space must be escaped */
+	if ((flags & PHP_LDAP_ESCAPE_DN) && (value[0] == ' ')) {
+		len += 2;
+	}
+	if ((flags & PHP_LDAP_ESCAPE_DN) && ((valuelen > 1) && (value[valuelen - 1] == ' '))) {
+		len += 2;
+	}
 
 	ret =  zend_string_alloc(len, 0);
 
 	for (i = 0; i < valuelen; i++) {
 		unsigned char v = (unsigned char) value[i];
 
-		if (map[v]) {
+		if (map[v] || ((flags & PHP_LDAP_ESCAPE_DN) && ((i == 0) || (i + 1 == valuelen)) && (v == ' '))) {
 			ZSTR_VAL(ret)[p++] = '\\';
 			ZSTR_VAL(ret)[p++] = hex[v >> 4];
 			ZSTR_VAL(ret)[p++] = hex[v & 0x0f];
@@ -2887,7 +2894,7 @@ PHP_FUNCTION(ldap_escape)
 
 	if (flags & PHP_LDAP_ESCAPE_DN) {
 		havecharlist = 1;
-		php_ldap_escape_map_set_chars(map, "\\,=+<>;\"#", sizeof("\\,=+<>;\"#") - 1, 1);
+		php_ldap_escape_map_set_chars(map, "\\,=+<>;\"#\r", sizeof("\\,=+<>;\"#\r") - 1, 1);
 	}
 
 	if (!havecharlist) {
@@ -2900,7 +2907,7 @@ PHP_FUNCTION(ldap_escape)
 		php_ldap_escape_map_set_chars(map, ignores, ignoreslen, 0);
 	}
 
-	RETURN_NEW_STR(php_ldap_do_escape(map, value, valuelen));
+	RETURN_NEW_STR(php_ldap_do_escape(map, value, valuelen, flags));
 }
 
 #ifdef STR_TRANSLATION
diff --git a/ext/ldap/tests/bug72021.phpt b/ext/ldap/tests/bug72021.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Bug #72021 (ldap_escape() with DN flag is not RFC compliant)
+--CREDITS--
+Chad Sikorra <Chad.Sikorra@gmail.com>
+--SKIPIF--
+<?php require_once('skipif.inc'); ?>
+--FILE--
+<?php
+$subject = " Joe,= \rSmith ";
+
+var_dump(ldap_escape($subject, null, LDAP_ESCAPE_DN));
+?>
+--EXPECT--
+string(24) "\20Joe\2c\3d \0dSmith\20"
