ruby-net-ldap Net::LDAP::DN.escape() throws when attempting to escape attr value beginning with `#`

Net::LDAP::DN.escape() throws when attempting to escape attr value beginning with `#`

Open bgraves-lo opened this issue 4 years ago • 1 comments

Net::LDAP::DN.escape() is meant to adhere to https://datatracker.ietf.org/doc/html/rfc2253#section-2.4, which defines the convention for escaping attribute values.

Here's the related code: https://github.com/ruby-ldap/ruby-net-ldap/blob/d6bb5c8d694662e36317f21d96cd6b02db263b6d/lib/net/ldap/dn.rb#L192-L216

The code properly escapes the special characters included in the ESCAPES hash, handling this case from the RFC:

    o   one of the characters ",", "+", """, "\", "<", ">" or ";"

But the problem occurs with the special cases involving '#' and space:

    o   a space or "#" character occurring at the beginning of the
        string

    o   a space character occurring at the end of the string

Space and '#' aren't included in that hash, so if ESCAPE_RE matches '^#', for instance, the lookup of ESCAPES['#'] returns nil, which causes "\\" + ESCAPES[char] to throw a TypeError (no implicit conversion of nil into String).

A potential workaround:

  def self.escape(string)
    string.gsub(ESCAPE_RE) { |char| "\\" + (ESCAPES[char] || char) }
  end

Oct 12 '21 00:10 bgraves-lo

Thank you for opening this issue! You have described this very well and I would be happy to review a pull request for this fix!

Jun 07 '22 00:06 HarlemSquirrel

This fell off my radar till now 😅 , just submitted a PR.

Sep 16 '22 09:09 bgraves-lo

ruby-net-ldap ruby-net-ldap copied to clipboard

Net::LDAP::DN.escape() throws when attempting to escape attr value beginning with `#`

ruby-net-ldap
ruby-net-ldap copied to clipboard