[Freeipa-devel] [PATCH] 971 detect binary LDAP data
Rob Crittenden
rcritten at redhat.com
Mon Feb 27 15:03:02 UTC 2012
Petr Viktorin wrote:
> On 02/27/2012 03:44 PM, Rob Crittenden wrote:
>> We are pretty trusting that the data coming out of LDAP matches its
>> schema but it is possible to stuff non-printable characters into most
>> attributes.
>>
>> I've added a sanity checker to keep a value as a python str type
>> (treated as binary internally). This will result in a base64 encoded
>> blob be returned to the client.
>>
>> rob
>>
>>
>> _______________________________________________
>> Freeipa-devel mailing list
>> Freeipa-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-devel
>
> Do we also need to do this for invalid UTF-8 sequences?
>
Perhaps. I took the cowards way out and went for the bare minimum that
would totally break XML-RPC and cause the client to blow up.
rob
More information about the Freeipa-devel
mailing list