diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2021-04-08 12:38:15 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-04-08 12:38:15 +0200 |
| commit | 3ab659ccaa276d47a3ae4dec0ff67c470f9cba7a (patch) | |
| tree | 5c3f3ec23c86b0343f7e9c0fd0f77c98a37a27d8 | |
| parent | 365569f51c21a0848ef26679fa058cf4976bf9f8 (diff) | |
| parent | 2befac662c60110adfaaf382f12d7a4826379e9f (diff) | |
| download | nextcloud-server-3ab659ccaa276d47a3ae4dec0ff67c470f9cba7a.tar.gz nextcloud-server-3ab659ccaa276d47a3ae4dec0ff67c470f9cba7a.zip | |
Merge pull request #26433 from nextcloud/limit-max-length-of-properties
Limit size of properties to 2048 characters
| -rw-r--r-- | lib/private/Accounts/AccountManager.php | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/lib/private/Accounts/AccountManager.php b/lib/private/Accounts/AccountManager.php index 7b08fa3e598..ea8f99e0216 100644 --- a/lib/private/Accounts/AccountManager.php +++ b/lib/private/Accounts/AccountManager.php @@ -144,6 +144,17 @@ class AccountManager implements IAccountManager { } } + // set a max length + foreach ($data as $propertyName => $propertyData) { + if (isset($data[$propertyName]) && isset($data[$propertyName]['value']) && strlen($data[$propertyName]['value']) > 2048) { + if ($throwOnData) { + throw new \InvalidArgumentException($propertyName); + } else { + $data[$propertyName]['value'] = ''; + } + } + } + $allowedScopes = [ self::SCOPE_PRIVATE, self::SCOPE_LOCAL, |