Fix string decoding

Author: liggitt

filter.go

@@ -425,9 +425,15 @@ func compileFilter(filter string, pos int) (*ber.Packet, int, error) {
 // Convert from "ABC\xx\xx\xx" form to literal bytes for transport
 func escapedStringToEncodedBytes(escapedString string) (string, error) {
 	var buffer bytes.Buffer
-	for i := 0; i < len(escapedString); i++ {
+	i := 0
+	for i < len(escapedString) {
+		currentRune, currentWidth := utf8.DecodeRuneInString(escapedString[i:])
+		if currentRune == utf8.RuneError {
+			return "", NewError(ErrorFilterCompile, fmt.Errorf("ldap: error reading rune at position %d", i))
+		}
+
 		// Check for escaped hex characters and convert them to their literal value for transport.
-		if escapedString[i] == '\\' {
+		if currentRune == '\\' {
 			// http://tools.ietf.org/search/rfc4515
 			// \ (%x5C) is not a valid character unless it is followed by two HEX characters due to not
 			// being a member of UTF1SUBSET.
@@ -441,9 +447,10 @@ func escapedStringToEncodedBytes(escapedString string) (string, error) {
 				i += 2 // +1 from end of loop, so 3 total for \xx.
 			}
 		} else {
-			buffer.WriteString(string(escapedString[i]))
+			buffer.WriteRune(currentRune)
 		}
-	}
 
+		i += currentWidth
+	}
 	return buffer.String(), nil
 }

filter_test.go

@@ -65,13 +65,13 @@ var testFilters = []compileTest{
 	// substring filters escape properly
 	compileTest{
 		filterStr:      `(sn=Mi*함*r)`,
-		expectedFilter: `(sn=Mi*\c3\ad\c2\95\c2\a8*r)`,
+		expectedFilter: `(sn=Mi*\ed\95\a8*r)`,
 		expectedType:   ldap.FilterSubstrings,
 	},
 	// already escaped substring filters don't get double-escaped
 	compileTest{
-		filterStr:      `(sn=Mi*\c3\ad\c2\95\c2\a8*r)`,
-		expectedFilter: `(sn=Mi*\c3\ad\c2\95\c2\a8*r)`,
+		filterStr:      `(sn=Mi*\ed\95\a8*r)`,
+		expectedFilter: `(sn=Mi*\ed\95\a8*r)`,
 		expectedType:   ldap.FilterSubstrings,
 	},
 	compileTest{
@@ -111,12 +111,12 @@ var testFilters = []compileTest{
 	},
 	compileTest{
 		filterStr:      `(objectGUID=абвгдеёжзийклмнопрстуфхцчшщъыьэюя)`,
-		expectedFilter: `(objectGUID=\c3\90\c2\b0\c3\90\c2\b1\c3\90\c2\b2\c3\90\c2\b3\c3\90\c2\b4\c3\90\c2\b5\c3\91\c2\91\c3\90\c2\b6\c3\90\c2\b7\c3\90\c2\b8\c3\90\c2\b9\c3\90\c2\ba\c3\90\c2\bb\c3\90\c2\bc\c3\90\c2\bd\c3\90\c2\be\c3\90\c2\bf\c3\91\c2\80\c3\91\c2\81\c3\91\c2\82\c3\91\c2\83\c3\91\c2\84\c3\91\c2\85\c3\91\c2\86\c3\91\c2\87\c3\91\c2\88\c3\91\c2\89\c3\91\c2\8a\c3\91\c2\8b\c3\91\c2\8c\c3\91\c2\8d\c3\91\c2\8e\c3\91\c2\8f)`,
+		expectedFilter: `(objectGUID=\d0\b0\d0\b1\d0\b2\d0\b3\d0\b4\d0\b5\d1\91\d0\b6\d0\b7\d0\b8\d0\b9\d0\ba\d0\bb\d0\bc\d0\bd\d0\be\d0\bf\d1\80\d1\81\d1\82\d1\83\d1\84\d1\85\d1\86\d1\87\d1\88\d1\89\d1\8a\d1\8b\d1\8c\d1\8d\d1\8e\d1\8f)`,
 		expectedType:   ldap.FilterEqualityMatch,
 	},
 	compileTest{
 		filterStr:      `(objectGUID=함수목록)`,
-		expectedFilter: `(objectGUID=\c3\ad\c2\95\c2\a8\c3\ac\c2\88\c2\98\c3\ab\c2\aa\c2\a9\c3\ab\c2\a1\c2\9d)`,
+		expectedFilter: `(objectGUID=\ed\95\a8\ec\88\98\eb\aa\a9\eb\a1\9d)`,
 		expectedType:   ldap.FilterEqualityMatch,
 	},
 	compileTest{
@@ -133,7 +133,7 @@ var testFilters = []compileTest{
 	},
 	compileTest{
 		filterStr:      `(&(objectclass=inetorgperson)(cn=中文))`,
-		expectedFilter: `(&(objectclass=inetorgperson)(cn=\c3\a4\c2\b8\c2\ad\c3\a6\c2\96\c2\87))`,
+		expectedFilter: `(&(objectclass=inetorgperson)(cn=\e4\b8\ad\e6\96\87))`,
 		expectedType:   0,
 	},
 	// attr extension