From 392231e6a64ea2acec8cef1315895a8656d94189 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?=
Date: Mon, 18 May 2026 16:27:00 +0200
Subject: [PATCH] fix(user_ldap): Escape filter part when searching for group members
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Côme Chilliet
---
 apps/user_ldap/lib/Group_LDAP.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php
index 3ca30890306..32082fa9e47 100644
--- a/apps/user_ldap/lib/Group_LDAP.php
+++ b/apps/user_ldap/lib/Group_LDAP.php
@@ -119,7 +119,7 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis
 $parts = explode('@', $mid); //making sure we get only the uid
 $mid = $parts[0];
 }
- $filter = str_replace('%uid', $mid, $this->access->connection->ldapLoginFilter);
+ $filter = str_replace('%uid', $this->access->escapeFilterPart($mid), $this->access->connection->ldapLoginFilter);
 $filterParts[] = $filter;
 $bytes += strlen($filter);
 if ($bytes >= 9000000) {
@@ -920,7 +920,7 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis
 case 'memberuid':
 //we got uids, need to get their DNs to 'translate' them to user names
 $filter = $this->access->combineFilterWithAnd([
- str_replace('%uid', trim($member), $this->access->connection->ldapLoginFilter),
+ str_replace('%uid', $this->access->escapeFilterPart($member), $this->access->connection->ldapLoginFilter),
 $this->access->combineFilterWithAnd([
 $this->access->getFilterPartForUserSearch($search),
 $this->access->connection->ldapUserFilter
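Review bot: The expression `str_replace('%uid', $this->access->escapeFilterPart(...), $this->access->connection->ldapLoginFilter)` is now written out at three call sites (this hunk at -119 and the ones at -920 and -1043), so every future caller has to remember the escaping on its own. A small private helper, for example `private function loginFilterForUid(string $uid): string`, returning that expression would keep the escaping in one place and is a natural home for a comment such as `// member attribute values are data read from the directory, not filter syntax; escape before substituting into the login filter`. The diffstat shows only Group_LDAP.php changing, so a unit test asserting that a member value containing filter metacharacters reaches the built filter escaped would pin this fix against regression. The enclosing method starts and ends outside the hunk.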
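Review bot: The `trim()` that the removed line applied to `$member` in the `memberuid` case (hunk at -920) is gone from the replacement line, so a member value with leading or trailing whitespace would now be escaped and searched with that whitespace intact. `escapeFilterPart` is not visible in this patch, so unless it trims its input this matches fewer entries than before; keeping both would read `str_replace('%uid', $this->access->escapeFilterPart(trim($member)), $this->access->connection->ldapLoginFilter),`. The enclosing switch and method continue outside the hunk.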
@@ -1043,7 +1043,7 @@ class Group_LDAP extends ABackend implements GroupInterface, IGroupLDAP, IGetDis
 }
 //we got uids, need to get their DNs to 'translate' them to user names
 $filter = $this->access->combineFilterWithAnd([
- str_replace('%uid', $member, $this->access->connection->ldapLoginFilter),
+ str_replace('%uid', $this->access->escapeFilterPart($member), $this->access->connection->ldapLoginFilter),
 $this->access->getFilterPartForUserSearch($search)
 ]);
 $ldap_users = $this->access->fetchListOfUsers($filter, ['dn'], 1);