ADS_STATUS status;
char *exp;
const char *attrs[] = {"*", NULL};
+ char *escaped_user = escape_ldap_string_alloc(user);
+ if (!escaped_user) {
+ return ADS_ERROR(LDAP_NO_MEMORY);
+ }
- asprintf(&exp, "(samAccountName=%s)", user);
+ asprintf(&exp, "(samAccountName=%s)", escaped_user);
status = ads_search(ads, res, exp, attrs);
- free(exp);
+ SAFE_FREE(exp);
+ SAFE_FREE(escaped_user);
return status;
}