From 402c8758749deb058218f744ba52803ea6de0b4e Mon Sep 17 00:00:00 2001
From: Girish Ramakrishnan <girish@cloudron.io>
Date: Mon, 19 Sep 2016 13:39:39 -0700
Subject: [PATCH] ldap : Fix crash with invalid queries

Fixes #56
---
 src/ldap.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/ldap.js b/src/ldap.js
index fbeb5d893..eb2633c33 100644
--- a/src/ldap.js
+++ b/src/ldap.js
@@ -14,7 +14,8 @@ var assert = require('assert'),
     UserError = user.UserError,
     ldap = require('ldapjs'),
     mailboxes = require('./mailboxes.js'),
-    MailboxError = mailboxes.MailboxError;
+    MailboxError = mailboxes.MailboxError,
+    safe = require('safetydance');
 
 var gServer = null;
 
@@ -86,7 +87,8 @@ function userSearch(req, res, next) {
             if (lastName.length !== 0) obj.attributes.sn = lastName;
 
             // ensure all filter values are also lowercase
-            var lowerCaseFilter = ldap.parseFilter(req.filter.toString().toLowerCase());
+            var lowerCaseFilter = safe(function () { return ldap.parseFilter(req.filter.toString().toLowerCase()); }, null);
+            if (!lowerCaseFilter) return next(new ldap.OperationsError(safe.error.toString()));
 
             if ((req.dn.equals(dn) || req.dn.parentOf(dn)) && lowerCaseFilter.matches(obj.attributes)) {
                 res.send(obj);