jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

ldap : Fix crash with invalid queries

Browse Source 
Fixes #56
This commit is contained in:
Girish Ramakrishnan
2016-09-19 13:39:39 -07:00
parent 5333311a35
commit 402c875874
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/ldap.js
View File

@@ -14,7 +14,8 @@ var assert = require('assert'),
UserError = user.UserError,
ldap = require('ldapjs'),
mailboxes = require('./mailboxes.js'),
MailboxError = mailboxes.MailboxError;
MailboxError = mailboxes.MailboxError,
safe = require('safetydance');
var gServer = null;
@@ -86,7 +87,8 @@ function userSearch(req, res, next) {
if (lastName.length !== 0) obj.attributes.sn = lastName;
// ensure all filter values are also lowercase
var lowerCaseFilter = ldap.parseFilter(req.filter.toString().toLowerCase());
var lowerCaseFilter = safe(function () { return ldap.parseFilter(req.filter.toString().toLowerCase()); }, null);
if (!lowerCaseFilter) return next(new ldap.OperationsError(safe.error.toString()));
if ((req.dn.equals(dn) || req.dn.parentOf(dn)) && lowerCaseFilter.matches(obj.attributes)) {
res.send(obj);