@@ -514,17 +514,28 @@ impl RustLDAP {
514514/// }
515515/// ```
516516pub fn escape_filter_assertion_value ( input : & str ) -> Result < String , LDAPError > {
517+ fn to_hex ( byte : u8 ) -> u8 {
518+ match byte {
519+ 0 ..=9 => b'0' + byte,
520+ _ => b'a' + byte - 10 ,
521+ }
522+ }
523+
517524 String :: from_utf8 (
518525 input
519- . escape_default ( )
520- . to_string ( )
521526 . bytes ( )
522527 . flat_map ( |c| match c {
523528 b'\0' => vec ! [ b'\\' , b'0' , b'0' ] ,
529+ b'!' => vec ! [ b'\\' , b'2' , b'1' ] ,
530+ b'&' => vec ! [ b'\\' , b'2' , b'6' ] ,
524531 b'(' => vec ! [ b'\\' , b'2' , b'8' ] ,
525532 b')' => vec ! [ b'\\' , b'2' , b'9' ] ,
526533 b'*' => vec ! [ b'\\' , b'2' , b'a' ] ,
527534 b'\\' => vec ! [ b'\\' , b'5' , b'c' ] ,
535+ b':' => vec ! [ b'\\' , b'3' , b'a' ] ,
536+ b'|' => vec ! [ b'\\' , b'7' , b'c' ] ,
537+ b'~' => vec ! [ b'\\' , b'7' , b'e' ] ,
538+ 0x7F ..=0xFF => vec ! [ b'\\' , to_hex( c >> 4 ) , to_hex( c & 0xf ) ] ,
528539 _ => vec ! [ c] ,
529540 } )
530541 . collect ( ) ,
@@ -769,15 +780,17 @@ mod tests {
769780
770781 #[ test]
771782 fn test_search_filter_escapation ( ) {
772- let input_a =
773- r"*\doesnotmatter)(isMemberOf=cn=admins,ou=groups,ou=example,ou=org)(doesnotmatter=" ;
774- let expected_filtered_a = r"\2a\5c\5cdoesnotmatter\29\28isMemberOf=cn=admins,ou=groups,ou=example,ou=org\29\28doesnotmatter=" ;
783+ let input_a = r"*\)(&!|~unaltered" ;
784+ let expected_filtered_a = r"\2a\5c\29\28\26\21\7c\7eunaltered" ;
775785
776786 let input_b = "thisshouldnotbealtered...[][]---,;;;" ;
777787
778788 let filtered_input_a = escape_filter_assertion_value ( input_a) . unwrap ( ) ;
779789 let filtered_input_b = escape_filter_assertion_value ( input_b) . unwrap ( ) ;
780-
790+ assert_eq ! (
791+ escape_filter_assertion_value( "🌏" ) . unwrap( ) ,
792+ r"\f0\9f\8c\8f" ,
793+ ) ;
781794 assert_eq ! ( expected_filtered_a, filtered_input_a) ;
782795 assert_eq ! ( input_b, filtered_input_b) ;
783796 }
0 commit comments