From d41841b4a70fee2068bd6b3dcea04daf9605e5b7 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Fri, 26 Aug 2022 13:58:18 +0200
Subject: [PATCH] Check address book URI length before creation

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 apps/dav/lib/CardDAV/CardDavBackend.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/apps/dav/lib/CardDAV/CardDavBackend.php b/apps/dav/lib/CardDAV/CardDavBackend.php
index 6b60d6701d4..b4fdcf922dc 100644
--- a/apps/dav/lib/CardDAV/CardDavBackend.php
+++ b/apps/dav/lib/CardDAV/CardDavBackend.php
@@ -389,6 +389,10 @@ class CardDavBackend implements BackendInterface, SyncSupport {
 	 * @throws BadRequest
 	 */
 	public function createAddressBook($principalUri, $url, array $properties) {
+		if (strlen($url) > 255) {
+			throw new BadRequest('URI too long. Address book not created');
+		}
+
 		$values = [
 			'displayname' => null,
 			'description' => null,
-- 
2.39.5