directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <>
Subject [jira] Commented: (DIRSERVER-1276) unescaping binary string corrupts values
Date Sat, 25 Jul 2009 16:16:15 GMT


Emmanuel Lecharny commented on DIRSERVER-1276:

After a further analysis, there is a major flaw in the way filters are handled.

Here is what should be done

On the client side : The filter values should be considered as ASCII Strings, with all the
value above 0x7F, plus '(', ')', '*', '\ and '\0' are to be escaped using the syntax '\XY'
where XY represent thehex value of the escaped char.

We don't do any difference between a binary or a string value, they will be both transformed
to a byte[].

On the server side, we can determinate which is the value type, as we know which kind of AttributeType
we have (either a H/R or not). We then transform the value to a StringValue or to a BinaryValue.

> unescaping binary string corrupts values
> ----------------------------------------
>                 Key: DIRSERVER-1276
>                 URL:
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 1.5.3
>         Environment: Windows running under JBOSS
>            Reporter: Steve hammond
>             Fix For: 1.5.5
> When I pass in an escaped string into search, inside ConcreteNameComponentNormalizer,
it corrupts the binary values.
> passed in 
> (&(\29\4C\04\B5\D4\ED\38\46\87\EE\77\58\5C\32\AD\91))
> after normalization interceptor visitor it is:
> (&('0x29 0x4C 0x04 0xEF 0xBE 0xB5 0xEF 0xBF
0x94 0xEF 0xBF 0xAD 0x38 0x46 0xEF 0xBE ...'))
> looks like in ConcreteNameComponentNormalizer line129                byte[] valBytes
= unescaped.getBytes( "UTF-8" );
> causes the corruption.  The Variable unescaped seems correct and is 16 bytes, valBytes
gets created with 30 bytes with the extra data inserted.
> The code I am using is:
>          SearchOperationContext opContext = new SearchOperationContext(
>                apacheds.getDirectoryService().getRegistries(),
>                baseDN,
>                AliasDerefMode.NEVER_DEREF_ALIASES, 
>                FilterParser.parse("(&(objectClass=person)(objectguid=\29\4C\04\B5\D4\ED\38\46\87\EE\77\58\5C\32\AD\91))"),
>                new SearchControls (
>                      SearchControls.SUBTREE_SCOPE, 
>                      0, // countlim
>                      0, // timelim
>                      retAttrs,
>                      false, true));
>          NamingEnumeration<ServerSearchResult> res =;

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message