From: Todd C. Miller <Todd.Miller@sudo.ws>
Date: Sun, 4 Mar 2018 14:03:38 +0000 (-0700)
Subject: Handle escaped commas when skipping over the cn.
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=843213d3de5bb423493d8ee637880b1b9fa8acc3;p=sudo

Handle escaped commas when skipping over the cn.
---

diff --git a/plugins/sudoers/cvtsudoers_ldif.c b/plugins/sudoers/cvtsudoers_ldif.c
index 92015235f..563bde4fb 100644
--- a/plugins/sudoers/cvtsudoers_ldif.c
+++ b/plugins/sudoers/cvtsudoers_ldif.c
@@ -1099,13 +1099,18 @@ parse_ldif(const char *input_file, struct cvtsudoers_config *conf)
 		char *cp = line + 3;
 		while (isblank((unsigned char)*cp))
 		    cp++;
+		/* Skip over cn if present. */
 		if (strncasecmp(cp, "cn=", 3) == 0) {
 		    cp += 3;
-		    /* XXX - handle escaped ','? */
-		    while (*cp != ',' && *cp != '\0')
-			cp++;
-		    if (*cp == ',')
-			cp++;
+		    while (*cp != '\0') {
+			/* Handle escaped ',' chars. */
+			if (*cp == '\\')
+			    cp++;
+			if (*cp == ',') {
+			    cp++;
+			    break;
+			}
+		    }
 		}
 		if (strcasecmp(cp, conf->sudoers_base) != 0) {
 		    /* Doesn't match base, skip the rest of it. */