From: Joas Schilling <coding@schilljs.com>
Date: Fri, 26 Aug 2022 11:58:18 +0000 (+0200)
Subject: Check address book URI length before creation
X-Git-Tag: v24.0.5rc1~1^2
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=ab113291d6fa95fdc1968b28257313ec749bfae2;p=nextcloud-server.git

Check address book URI length before creation

Signed-off-by: Joas Schilling <coding@schilljs.com>
---

diff --git a/apps/dav/lib/CardDAV/CardDavBackend.php b/apps/dav/lib/CardDAV/CardDavBackend.php
index 1c1754ff752..ebbf44376f5 100644
--- a/apps/dav/lib/CardDAV/CardDavBackend.php
+++ b/apps/dav/lib/CardDAV/CardDavBackend.php
@@ -416,6 +416,10 @@ class CardDavBackend implements BackendInterface, SyncSupport {
 	 * @throws BadRequest
 	 */
 	public function createAddressBook($principalUri, $url, array $properties) {
+		if (strlen($url) > 255) {
+			throw new BadRequest('URI too long. Address book not created');
+		}
+
 		$values = [
 			'displayname' => null,
 			'description' => null,