[pve-devel] [PATCH common] fix #5034 ldap attribute regex
Thomas Lamprecht
t.lamprecht at proxmox.com
Wed Nov 15 16:48:47 CET 2023
Am 15/11/2023 um 16:12 schrieb Stefan Sterz:
> just to through this out there, my last attempt at validating this [1]
> looked something like this:
>
> ```
> my $escaped = qr!\\(?:[ "#+,;<=>\\]|[0-9a-fA-F]{2})!;
> my $start = qr!(?:${escaped}|[^"+,;<>\\\0 #])!;
> my $middle = qr!(?:${escaped}|[^"+,;<>\\\0])!;
> my $end = qr!(?:${escaped}|[^"+,;<>\\\0 ])!;
> my $attr_val = qr!("[^"]+"|${start}(?:${middle}*${end})?)!;
> ```
>
> since things can also be escaped or in quotes, which makes them valid
> again. could probably be improved here, though.
>
> [1]: https://lists.proxmox.com/pipermail/pve-devel/2023-May/056840.html
Thanks for the pointer, memories are comming back now..
It seems like `$attr =~ /^(.*)$/ && return $1` (if even needed to avoid
tainting) seems the more practical solution here...
More information about the pve-devel
mailing list