mirror of
https://github.com/elicpeter/nyx.git
synced 2026-07-12 21:02:11 +02:00
new capacity bits (#67)
This commit is contained in:
parent
afaffc0df6
commit
7d0e7320e2
261 changed files with 10591 additions and 231 deletions
15
tests/fixtures/ldap_injection/cpp/unsafe_ldap_search.cpp
vendored
Normal file
15
tests/fixtures/ldap_injection/cpp/unsafe_ldap_search.cpp
vendored
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
// Unsafe: tainted env value passed straight as the LDAP filter argument to
|
||||
// ldap_search_ext_s. LDAP_INJECTION fires on the filter argument (position 3).
|
||||
#include <cstdlib>
|
||||
#include <ldap.h>
|
||||
|
||||
int do_lookup(LDAP* ld) {
|
||||
const char* user_filter = std::getenv("USER_FILTER");
|
||||
LDAPMessage* res = nullptr;
|
||||
return ldap_search_ext_s(
|
||||
ld,
|
||||
"ou=people,dc=example,dc=com",
|
||||
LDAP_SCOPE_SUBTREE,
|
||||
user_filter,
|
||||
nullptr, 0, nullptr, nullptr, nullptr, 0, &res);
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue