Skip to Main Content

How to resolve an LDAP injection vulnerability issue?

2801625Jan 21 2015

In the code below (red text) I'm getting an LDAP injection vulnerability error. I'm having trouble identifying the parameters needed to call the escape routine. The LDAP query string is located in the class EscapeLDAPQueryString. What are the parameters for calling the escape routine. (String escapedString = EscapeLDAPQueryString.escapeQuery();

What is the escapedString and the (string that needs to be escaped)?

magnifySearchLogger.trace("filter=" + StringEscapeUtils.replaceCRLF(filter));

final String modified_group = dnOfGroup;
magnifySearchLogger.trace("Group=" + dnOfGroup);
magnifySearchLogger.trace("modified_group=" + modified_group);

final NamingEnumeration <SearchResult> answer = this.ctx
                              .search(modified_group, filter, ctls);
//String results = " Not Found ";
final int count = countResults(answer);

return count;

EscapeLDAPQueryString Class Code

//String relativeDN = "cn=abc,dn=xyz,ou=abc+\"<>/d=ef";

//Split String
String[] stringData = queryString.split(",");


{
StringBuilder newLDAPString = new StringBuilder();
CharSequence charAdded = ",";

// loop thru each element of the array
for (int place = 0; place < stringData.length; place++) {



String keyValuePair = stringData[place];

int eq = keyValuePair.indexOf('=');
String distinguishedName = keyValuePair.substring(0,eq+1); 
String distinguishedValue = keyValuePair.substring(eq+1, keyValuePair.length()); 

String escapedDistinguishedValue = StringEscapeUtils.escapeDN(distinguishedValue);

newLDAPString.append(distinguishedName)
  .append(escapedDistinguishedValue);


if (place < stringData.length - 1)

newLDAPString.append(charAdded);
}

return newLDAPString.toString();
}
}
}


Comments
Post Details
Added on Jan 21 2015
0 comments
541 views