]> git.ipfire.org Git - thirdparty/pdns.git/commit
projects / thirdparty / pdns.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9244f6a) | patch
Rewrite the ldap escape function, and always escape network-controlled input.
authorMiod Vallat <miod.vallat@powerdns.com>
Wed, 22 Apr 2026 07:30:16 +0000 (09:30 +0200)
committerMiod Vallat <miod.vallat@powerdns.com>
Wed, 22 Apr 2026 11:21:58 +0000 (13:21 +0200)
commit2a2d1b620224cf0ef8eed3994e6af1dc626e5da7
tree31b4afa0d27ea6204cf13e30fccfe319067a3057tree | snapshot
parent9244f6aea9501d217e36e48ed0296912e40389dacommit | diff
Rewrite the ldap escape function, and always escape network-controlled input.

This new version now will correctly handle 8-bit characters (which need to
be encoded in UTF-8 and then escaped), as well as the corner cases of
leading space or # and trailing space.

This is CVE-2026-33609, part of PowerDNS Security Advisory 2026-05.

Signed-off-by: Miod Vallat <miod.vallat@powerdns.com>
modules/ldapbackend/native.cc diff | blob | blame | history
modules/ldapbackend/powerldap.cc diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.