} else {

                /* On NT without Unicode the fileNameLength
                 * includes the '\0' whereas on win98 it doesn't. I
                 * guess most clients only support non-unicode so
                 * they don't run into this.
                 */

                /* UPDATE: Maybe not! Could this be a Unicode alignment issue. I hope

    public void test_escapeLDAPSearchFilter_withMixedContent() {
        LdapManager ldapManager = new LdapManager();
        ldapManager.init();

        // Mixed normal and special characters
        assertEquals("user\\28test\\29", ldapManager.escapeLDAPSearchFilter("user(test)"));
        assertEquals("admin\\2auser", ldapManager.escapeLDAPSearchFilter("admin*user"));
        assertEquals("test\\5cpath", ldapManager.escapeLDAPSearchFilter("test\\path"));

    // TODO(cpovirk): Consider using Object[] anyway.
    @SuppressWarnings("unchecked")
    E[] array = (E[]) elements.toArray();
    /*
     * For a Set, we guess that it contains no duplicates. That's just a guess for purpose of
     * sizing; if the Set uses different equality semantics, it might contain duplicates according
     * to equals(), and we will deduplicate those properly, albeit at some cost in allocations.

    }

    // Mock classes

    static class MockFessConfig extends FessConfig.SimpleImpl {
        @Override
        public String[] getSearchDefaultPermissionsAsArray() {
            return new String[] { "guest", "default" };
        }

        @Override
        public List<String> getSearchGuestRoleList() {
            List<String> roles = new ArrayList<>();
            roles.add("guest_role1");

            // MID checking not required here as we only read responses for which we're waiting
            // We only read what we were waiting for, so first guess would be no.
            final boolean verify = dgst.verify(buffer, i, size, 0, this);
            this.verifyFailed = verify;
            return !verify;
        }
        return true;
    }

### Timing Attacks { #timing-attacks }

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And they send a request with a username `johndoe` and a password `love123`.

Then the Python code in your application would be equivalent to something like:

```Python

which would be equivalent to:

```python
from backend.main import app
```

### `fastapi dev` with path { #fastapi-dev-with-path }

You can also pass the file path to the `fastapi dev` command, and it will guess the FastAPI app object to use:

```console
$ fastapi dev main.py
```

But you would have to remember to pass the correct path every time you call the `fastapi` command.

                                "shared;/share/shared;no;no;no;all;" + USERNAME + ";all;all", "-g", "log level = 1", "-g",
                                "security = user", "-g", "map to guest = bad user")
                        .withLogConsumer(new Slf4jLogConsumer(LoggerFactory.getLogger(SmbFileIntegrationTest.class)))

    assertExpectedBytes(out.toByteArray());
  }

  public void testCopyTo_byteSink() throws IOException {
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    // HERESY! but it's ok just for this I guess
    source.copyTo(
        new ByteSink() {
          @Override
          public OutputStream openStream() throws IOException {
            return out;
          }
        });

         * layer of fallback before consulting the system property, we could try
         * com.sun.security.auth.module.NTSystem.
         *
         * But for now, we use the value from the system property as our best guess.
         */
        return fromSystemProperty;
      } catch (InvocationTargetException e) {
        throwIfUnchecked(e.getCause()); // in case it's an Error or something