upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-25 10:49:21 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Merge pull request #33783 from nextcloud/backport/33139/stable22

Browse source 
[stable22] Check calendar URI length before creation
This commit is contained in:
blizzz 2022-09-08 13:33:43 +02:00 committed by GitHub
commit ad68a6cb77
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
apps/dav/lib/CalDAV/CalDavBackend.php
View file

@ -39,6 +39,7 @@
namespace OCA\DAV\CalDAV;
use DateTime;
use InvalidArgumentException;
use OCA\DAV\AppInfo\Application;
use OCA\DAV\Connector\Sabre\Principal;
use OCA\DAV\DAV\Sharing\Backend;
@ -815,8 +816,14 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
* @param string $calendarUri
* @param array $properties
* @return int
*
* @throws InvalidArgumentException
*/
public function createCalendar($principalUri, $calendarUri, array $properties) {
if (strlen($calendarUri) > 255) {
throw new InvalidArgumentException('URI too long. Calendar not created');
}
$values = [
'principaluri' => $this->convertPrincipal($principalUri, true),
'uri' => $calendarUri,
@ -1406,7 +1413,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
if (!in_array($classification, [
self::CLASSIFICATION_PUBLIC, self::CLASSIFICATION_PRIVATE, self::CLASSIFICATION_CONFIDENTIAL
])) {
throw new \InvalidArgumentException();
throw new InvalidArgumentException();
}
$query = $this->db->getQueryBuilder();
$query->update('calendarobjects')
@ -3105,7 +3112,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription
$result->closeCursor();
if (!isset($objectIds['id'])) {
throw new \InvalidArgumentException('Calendarobject does not exists: ' . $uri);
throw new InvalidArgumentException('Calendarobject does not exists: ' . $uri);
}
return (int)$objectIds['id'];

4
apps/dav/lib/CardDAV/CardDavBackend.php
View file

@ -416,6 +416,10 @@ class CardDavBackend implements BackendInterface, SyncSupport {
* @throws BadRequest
*/
public function createAddressBook($principalUri, $url, array $properties) {
if (strlen($url) > 255) {
throw new BadRequest('URI too long. Address book not created');
}
$values = [
'displayname' => null,
'description' => null,