summaryrefslogtreecommitdiff
path: root/source4/rpc_server/samr
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2014-03-17 13:33:18 +1300
committerStefan Metzmacher <metze@samba.org>2014-04-02 17:12:47 +0200
commita6b82ee197f6f79bb74e0720d328c4a518e513fe (patch)
tree980cfdea58ef20562c5f62e200d416965a3ff150 /source4/rpc_server/samr
parentf557f82acc54d0fddf8be31bebdbc525ea80a171 (diff)
downloadsamba-a6b82ee197f6f79bb74e0720d328c4a518e513fe.tar.gz
s4-samr: Escape the username in the LDAP filter
Change-Id: I99945f0b86ea2862c88c00ad39c809ef1101ca9b Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source4/rpc_server/samr')
-rw-r--r--source4/rpc_server/samr/samr_password.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c
index 383fce1223f..1466decc081 100644
--- a/source4/rpc_server/samr/samr_password.c
+++ b/source4/rpc_server/samr/samr_password.c
@@ -102,7 +102,7 @@ NTSTATUS dcesrv_samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call,
ret = gendb_search(sam_ctx,
mem_ctx, NULL, &res, attrs,
"(&(sAMAccountName=%s)(objectclass=user))",
- r->in.account->string);
+ ldb_binary_encode_string(mem_ctx, r->in.account->string));
if (ret != 1) {
/* Don't give the game away: (don't allow anonymous users to prove the existance of usernames) */
return NT_STATUS_WRONG_PASSWORD;
@@ -249,7 +249,7 @@ NTSTATUS dcesrv_samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call,
ret = gendb_search(sam_ctx,
mem_ctx, NULL, &res, attrs,
"(&(sAMAccountName=%s)(objectclass=user))",
- r->in.account->string);
+ ldb_binary_encode_string(mem_ctx, r->in.account->string));
if (ret != 1) {
/* Don't give the game away: (don't allow anonymous users to prove the existance of usernames) */
status = NT_STATUS_WRONG_PASSWORD;
View Lorry Controller Status