Check address book URI length before creation

Signed-off-by: Joas Schilling <coding@schilljs.com>

diff --git a/apps/dav/lib/CardDAV/CardDavBackend.php b/apps/dav/lib/CardDAV/CardDavBackend.php
index 1c1754ff752f35c50f640a46119e1025fd3727d0..ebbf44376f57f7faa0a03c7922695bc1ace07614 100644 (file)
--- a/apps/dav/lib/CardDAV/CardDavBackend.php
+++ b/apps/dav/lib/CardDAV/CardDavBackend.php
@@ -416,6 +416,10 @@ class CardDavBackend implements BackendInterface, SyncSupport {
         * @throws BadRequest
         */
        public function createAddressBook($principalUri, $url, array $properties) {
+               if (strlen($url) > 255) {
+                       throw new BadRequest('URI too long. Address book not created');
+               }
+
                $values = [
                        'displayname' => null,
                        'description' => null,