[PATCH] s3/rpc_server: Character Encode Spotlight Queries
Jeremy Allison
jra at samba.org
Mon Jul 9 18:27:49 UTC 2018
On Sat, Jul 07, 2018 at 11:03:14AM +0200, Ralph Böhme via samba-technical wrote:
> Hi!
>
> Attached find a patch for the Spotlight RPC server. Please review&push if
> happy. Thanks!
Looks OK from a C point of view, just a quick question
on semantics before I RB+ though.
"scope" comes from the user query (i.e. client specified)
yeah ?
What implication does G_URI_RESERVED_CHARS_ALLOWED_IN_PATH
have on g_uri_escape_string() ?
Can you give me a quick overview on the security implications
of this ?
Cheers,
Jeremy.
> --
> Ralph Boehme, Samba Team https://samba.org/
> Samba Developer, SerNet GmbH https://sernet.de/en/samba/
> GPG Key Fingerprint: FAE2 C608 8A24 2520 51C5
> 59E4 AA1E 9B71 2639 9E46
> From 9de5db6461d781dc6a2355c8fa41c36c272dbcaa Mon Sep 17 00:00:00 2001
> From: Ralph Boehme <slow at samba.org>
> Date: Wed, 15 Mar 2017 13:38:19 +0100
> Subject: [PATCH] s3/rpc_server: Character Encode Spotlight Queries
>
> Fix path escaping in Spotlight so paths with spaces or special
> characters can be properly matched to tracker paths.
>
> Bug: https://bugzilla.samba.org/show_bug.cgi?id=12688
>
> Based-on-a-patch-from: Mike M Pestorich <mmpestorich at gmail.com>
> (similar to github.com/netatalk/netatalk/commit/90aa43d)
>
> Signed-off-by: Ralph Boehme <slow at samba.org>
> ---
> source3/rpc_server/mdssvc/mdssvc.c | 16 +++++++++++++---
> 1 file changed, 13 insertions(+), 3 deletions(-)
>
> diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c
> index 9be0cc48877..5a63d379738 100644
> --- a/source3/rpc_server/mdssvc/mdssvc.c
> +++ b/source3/rpc_server/mdssvc/mdssvc.c
> @@ -1136,6 +1136,8 @@ static bool slrpc_open_query(struct mds_ctx *mds_ctx,
> struct sl_query *slq = NULL;
> int result;
> char *querystring;
> + char *scope = NULL;
> + char *escaped_scope = NULL;
>
> array = dalloc_zero(reply, sl_array_t);
> if (array == NULL) {
> @@ -1214,12 +1216,20 @@ static bool slrpc_open_query(struct mds_ctx *mds_ctx,
> goto error;
> }
>
> - slq->path_scope = dalloc_get(path_scope, "char *", 0);
> - if (slq->path_scope == NULL) {
> + scope = dalloc_get(path_scope, "char *", 0);
> + if (scope == NULL) {
> + goto error;
> + }
> +
> + escaped_scope = g_uri_escape_string(scope,
> + G_URI_RESERVED_CHARS_ALLOWED_IN_PATH,
> + TRUE);
> + if (escaped_scope == NULL) {
> goto error;
> }
>
> - slq->path_scope = talloc_strdup(slq, slq->path_scope);
> + slq->path_scope = talloc_strdup(slq, escaped_scope);
> + g_free(escaped_scope);
> if (slq->path_scope == NULL) {
> goto error;
> }
> --
> 2.13.6
>
More information about the samba-technical
mailing list