fix(api): escape externally provided username

This closes an LDAP injection vulnerability.
Philipp Matthias Schaefer 2021-03-06 12:55:04 +01:00
parent 30fcceb351
commit 60f34c09eb


@ -15,7 +15,7 @@
// You should have received a copy of the GNU General Affero Public License
// along with the WebLDAPPasswd. If not, see <https://www.gnu.org/licenses/>.
use handlebars::Handlebars;
use ldap3::LdapConn;
use ldap3::{ldap_escape, LdapConn};
use ldap3::exop::PasswordModify;
use ldap3::result::{LdapError, Result};
use rocket_contrib::json::Json;
@ -49,7 +49,8 @@ fn change_password(data: &Json<PasswordData>,
context: &rocket::State<Context>) -> Result<()> {
let dn = Handlebars::new()
.render_template(&context.dn, &json!({"username" : &data.username}))
.render_template(&context.dn,
&json!({"username" : ldap_escape(&data.username)}))
.expect("Unexpected DN template error. Was tested in config.rs");
let mut ldap = LdapConn::new(&context.ldap_url)?;