Bug 918686 - Escaped character cannot be used in the substring search filter
Summary: Escaped character cannot be used in the substring search filter
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: 389-ds-base
Version: 7.0
Hardware: Unspecified
OS: Unspecified
medium
unspecified
Target Milestone: rc
: ---
Assignee: Rich Megginson
QA Contact: Sankar Ramalingam
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-03-06 18:12 UTC by Nathan Kinder
Modified: 2020-09-13 20:19 UTC (History)
3 users (show)

Fixed In Version: 389-ds-base-1.3.1.2-1.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-06-13 10:38:31 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github 389ds 389-ds-base issues 497 0 None None None 2020-09-13 20:19:10 UTC

Description Nathan Kinder 2013-03-06 18:12:58 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/497

Bug description:
{{{
1) add an entry including '*' in an attribute value. E.g.,
dn: uid=tuser,dc=test,dc=com
[...]
description: This is the special * attribute value

2) search with the filter "(description=*\2a*)", which is supposed to
return the entry having:
description: This is the special * attribute value

But the current version returns no entry.
}}}

Observation:

{{{
slapi_escape_filter_value replaces the original "\2a" with "\\2a".  Then,
it's escaped again by filter_strcpy_special_ext in
ldbm_search_compile_filter to "\\\\2a".  Finally, ".*\\\\2a" is passed to
PCRE.  It does not match the value "This is the special * attribute
value".

If we skip calling slapi_escape_filter_value for the filter
"(description=*\2a*)", the regular expression pattern ".*\\*" is passed to
PCRE, which returns the matched entry.
}}}
(regression: fltr_32?)

Note: without calling slapi_escape_filter_value for substring search, the existing filter tests passed 100%.

Comment 1 Rich Megginson 2013-10-01 23:26:22 UTC
moving all ON_QA bugs to MODIFIED in order to add them to the errata (can't add bugs in the ON_QA state to an errata).  When the errata is created, the bugs should be automatically moved back to ON_QA.

Comment 3 Amita Sharma 2014-01-29 09:09:12 UTC
[root@dhcp201-149 ~]# ldapadd -x -h localhost -p 389 -D "cn=Directory Manager" -w Secret123  << EOF
> dn: uid=amsharma1,ou=people,dc=example,dc=com
> description: This is the special * attribute value
> cn: ams
> sn: ams
> givenname: ams
> objectclass: top
> objectclass: person
> objectclass: organizationalPerson
> objectclass: inetOrgPerson
> uid: ams
> mail: ams@example.com
> userpassword: amsamsams
> EOF
adding new entry "uid=amsharma1,ou=people,dc=example,dc=com"

[root@dhcp201-149 ~]# ldapsearch -x -h localhost -p 389 -D "cn=Directory Manager" -w Secret123 -b "ou=people,dc=example,dc=com" "(description=*\2a*)"
# extended LDIF
#
# LDAPv3
# base <ou=people,dc=example,dc=com> with scope subtree
# filter: (description=*\2a*)
# requesting: ALL
#

# amsharma1, People, example.com
dn: uid=amsharma1,ou=People,dc=example,dc=com
description: This is the special * attribute value
cn: ams
sn: ams
givenName: ams
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: ams
uid: amsharma1
mail: ams@example.com
userPassword:: e1NTSEF9Nzduc2RkWGlJdnY1bUFGQWxKM0x5dWRKVXFSb1FiSDJjLzNjeGc9PQ=

Hence VERIFIED.

Comment 4 Amita Sharma 2014-05-15 06:43:24 UTC
[RHEL7]
[svrbld@dhcp201-149 basic]$ svn ci basic.sh -m "Added test case for bug918686"
Sending        basic.sh
Transmitting file data .
Committed revision 8686.

[svrbld@dhcp201-149 basic]$ svn add user_escape.ldif
A         user_escape.ldif
[svrbld@dhcp201-149 basic]$ svn ci user_escape.ldif -m "Added data for bug918686"
Adding         user_escape.ldif
Transmitting file data .
Committed revision 8687.
[svrbld@dhcp201-149 basic]$ 


[Trunk]
[amsharma@amsharma basic]$ svn ci basic.sh -m "Added test case for bug918686"
Sending        basic.sh
Transmitting file data .
Committed revision 8688.

[amsharma@amsharma basic]$ svn add user_escape.ldif
A         user_escape.ldif
[amsharma@amsharma basic]$ svn ci user_escape.ldif -m "Added data for bug918686"
Adding         user_escape.ldif
Transmitting file data .
Committed revision 8689.

Comment 5 Ludek Smid 2014-06-13 10:38:31 UTC
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.


Note You need to log in before you can comment on or make changes to this bug.