diff options
| author | ernolf <raphael.gradenwitz@googlemail.com> | 2024-08-20 12:33:28 +0200 |
|---|---|---|
| committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2024-09-26 10:36:34 +0000 |
| commit | 6fa70fc3ccc6d82861b255c9d1f7e457d7e24b16 (patch) | |
| tree | 79705439433684bc18670a6f852827bb53d93351 | |
| parent | 6c473dfe70494390e60783d6c2822d03714f55ae (diff) | |
| download | nextcloud-server-backport/48142/stable27.tar.gz nextcloud-server-backport/48142/stable27.zip | |
fix(share): Ensure unique share tokensbackport/48142/stable27
- check for token collisions and retry up to three times.
- throw after 3 attempts without finding a unique token.
Signed-off-by: ernolf <raphael.gradenwitz@googlemail.com>
| -rw-r--r-- | lib/private/Share20/Manager.php | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 1bb4657ef79..4743d2873bb 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -786,13 +786,25 @@ class Manager implements IManager { $this->linkCreateChecks($share); $this->setLinkParent($share); - // For now ignore a set token. - $share->setToken( - $this->secureRandom->generate( + for ($i = 0; $i <= 3; $i++) { + $token = $this->secureRandom->generate( \OC\Share\Constants::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_HUMAN_READABLE - ) - ); + ); + + try { + $this->getShareByToken($token); + } catch (\OCP\Share\Exceptions\ShareNotFound $e) { + // Set the unique token + $share->setToken($token); + break; + } + + // Abort after 3 failed attempts + if ($i >= 3) { + throw new \Exception('Unable to generate a unique share token after 3 attempts.'); + } + } // Verify the expiration date $share = $this->validateExpirationDateLink($share); |