From 86baefe2245a74f1777418b1e2c7b97e33c42529 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 5 Apr 2011 16:21:14 +1000 Subject: kdc: always ldb escape the realm --- source4/kdc/db-glue.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'source4/kdc') diff --git a/source4/kdc/db-glue.c b/source4/kdc/db-glue.c index 6ef928caa15..732e553ca3d 100644 --- a/source4/kdc/db-glue.c +++ b/source4/kdc/db-glue.c @@ -1002,9 +1002,19 @@ static krb5_error_code samba_kdc_lookup_trust(krb5_context context, struct ldb_c const char * const *attrs = trust_attrs; struct ldb_result *res = NULL; - filter = talloc_asprintf(mem_ctx, "(&(objectClass=trustedDomain)(|(flatname=%s)(trustPartner=%s)))", realm, realm); + char *realm_encoded = ldb_binary_encode_string(mem_ctx, realm); + if (!realm_encoded) { + if (!filter) { + ret = ENOMEM; + krb5_set_error_message(context, ret, "talloc_asprintf: out of memory"); + return ret; + } + } + filter = talloc_asprintf(mem_ctx, "(&(objectClass=trustedDomain)(|(flatname=%s)(trustPartner=%s)))", + realm_encoded, realm_encoded); if (!filter) { + talloc_free(realm_encoded); ret = ENOMEM; krb5_set_error_message(context, ret, "talloc_asprintf: out of memory"); return ret; -- cgit v1.2.1