Ensure all URI escaping is only done on strings

Xlats already present strings, but there can be cases where the list is
not all strings, such as LDAP map.

diff --git a/src/lib/util/uri.c b/src/lib/util/uri.c
index b959316418b21193afc67791a3ddd826aa78c5ad..de220408f954f347f5a6723e14f2e330f16ae802 100644 (file)
--- a/src/lib/util/uri.c
+++ b/src/lib/util/uri.c
@@ -54,6 +54,15 @@ int fr_uri_escape(fr_value_box_list_t *uri, fr_uri_part_t const *uri_parts, void
                        return -1;
                }
 
+               /*
+                *      Ensure boxes are strings before attempting to escape.
+                */
+               if (unlikely(uri_vb->type != FR_TYPE_STRING)) {
+                       if (fr_value_box_cast_in_place(uri_vb, uri_vb, FR_TYPE_STRING, uri_vb->enumv) < 0) {
+                               fr_strerror_printf_push("Unable to cast %pV to a string", uri_vb);
+                       }
+               }
+
                /*
                 *      Tainted boxes can only belong to a single part of the URI
                 */

diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index 0fae8ac9fd4f82f387282f608092f9dd836506e0..596ddb59312075529585f1f1b86acfce94b9d708 100644 (file)
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -445,11 +445,6 @@ static int uri_part_escape(fr_value_box_t *vb, UNUSED void *uctx)
         */
        if (vb->safe == FR_VALUE_BOX_SAFE(1)) return 0;
 
-       /*
-        *      Ensure the box is a string before we attempt to escape it
-        */
-       fr_value_box_cast_in_place(vb, vb, FR_TYPE_STRING, vb->enumv);
-
        /*
         *      Maximum space needed for output would be 3 times the input if every
         *      char needed escaping