Make LDAP_ESCAPE_DN compliant with RFC 4514

Author: ChadSikorra

ext/ldap/ldap.c

@@ -2823,7 +2823,7 @@ PHP_FUNCTION(ldap_set_rebind_proc)
 /* }}} */
 #endif
 
-static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value, size_t valuelen)
+static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value, size_t valuelen, zend_long flags)
 {
 	char hex[] = "0123456789abcdef";
 	size_t i, p = 0;
@@ -2833,13 +2833,20 @@ static zend_string* php_ldap_do_escape(const zend_bool *map, const char *value,
 	for (i = 0; i < valuelen; i++) {
 		len += (map[(unsigned char) value[i]]) ? 3 : 1;
 	}
+	/* Per RFC 4514, a leading and trailing space must be escaped */
+	if (flags & PHP_LDAP_ESCAPE_DN && value[0] == ' ') {
+		len += 2;
+	}
+	if (flags & PHP_LDAP_ESCAPE_DN && valuelen && value[valuelen] == ' ') {
+		len += 2;
+	}
 
 	ret =  zend_string_alloc(len, 0);
 
 	for (i = 0; i < valuelen; i++) {
 		unsigned char v = (unsigned char) value[i];
 
-		if (map[v]) {
+		if (map[v] || (flags & PHP_LDAP_ESCAPE_DN && (i == 0 || i + 1 == valuelen ) && v == ' ')) {
 			ZSTR_VAL(ret)[p++] = '\\';
 			ZSTR_VAL(ret)[p++] = hex[v >> 4];
 			ZSTR_VAL(ret)[p++] = hex[v & 0x0f];
@@ -2884,7 +2891,7 @@ PHP_FUNCTION(ldap_escape)
 
 	if (flags & PHP_LDAP_ESCAPE_DN) {
 		havecharlist = 1;
-		php_ldap_escape_map_set_chars(map, "\\,=+<>;\"#", sizeof("\\,=+<>;\"#") - 1, 1);
+		php_ldap_escape_map_set_chars(map, "\\,=+<>;\"#\r", sizeof("\\,=+<>;\"#\r") - 1, 1);
 	}
 
 	if (!havecharlist) {
@@ -2897,7 +2904,7 @@ PHP_FUNCTION(ldap_escape)
 		php_ldap_escape_map_set_chars(map, ignores, ignoreslen, 0);
 	}
 
-	RETURN_NEW_STR(php_ldap_do_escape(map, value, valuelen));
+	RETURN_NEW_STR(php_ldap_do_escape(map, value, valuelen, flags));
 }
 
 #ifdef STR_TRANSLATION

ext/ldap/tests/bug72021.phpt

@@ -0,0 +1,14 @@
+--TEST--
+Bug #72021 (ldap_escape() with DN flag is not RFC compliant)
+--CREDITS--
+Chad Sikorra <[email protected]>
+--SKIPIF--
+<?php require_once('skipif.inc'); ?>
+--FILE--
+<?php
+$subject = " Joe,= \rSmith ";
+
+var_dump(ldap_escape($subject, null, LDAP_ESCAPE_DN));
+?>
+--EXPECT--
+string(24) "\20Joe\2c\3d \0dSmith\20"