Skip to content

Commit

Permalink
Tainted data doesn't work here
Browse files Browse the repository at this point in the history 
- the escape function expects a URI, not just a DN
- escaping cn= makes cn\3d - so the DN becomes invalid
  • Loading branch information
@ndptech
ndptech committed Sep 22, 2023
1 parent 1c2feff commit ded0dc3
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion src/tests/modules/ldap/xlat_profile.unlang
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,8 @@ if (!((&reply.Framed-IP-Netmask == 255.255.0.0) && \
test_fail
}

if (!%(ldap.profile:%{taint:cn=suspended,ou=profiles,dc=example,dc=com})) {
if (!%(ldap.profile:cn=suspended,ou=profiles,dc=example,dc=com)) {
test_fail
}

test_pass

0 comments on commit ded0dc3

Please sign in to comment.