diff options
| author | Georg Ehrke <developer@georgehrke.com> | 2017-10-22 12:16:58 +0200 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2017-11-27 17:14:18 +0100 |
| commit | ea117bac315b10ad50cb6bdcc56799842d59ad25 (patch) | |
| tree | 39e5c37bffdcb81fd5f7b0914d66bf13681d128d /apps/dav/lib/CalDAV | |
| parent | f700cd14fa4f094b7822edcf2e1a74b7f44ae32b (diff) | |
| download | nextcloud-server-ea117bac315b10ad50cb6bdcc56799842d59ad25.tar.gz nextcloud-server-ea117bac315b10ad50cb6bdcc56799842d59ad25.zip | |
catch errors when parsing calendar data for calendar query requests
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
Diffstat (limited to 'apps/dav/lib/CalDAV')
| -rw-r--r-- | apps/dav/lib/CalDAV/CalDavBackend.php | 29 |
1 files changed, 28 insertions, 1 deletions
diff --git a/apps/dav/lib/CalDAV/CalDavBackend.php b/apps/dav/lib/CalDAV/CalDavBackend.php index 9045a62cde4..2f591a262a2 100644 --- a/apps/dav/lib/CalDAV/CalDavBackend.php +++ b/apps/dav/lib/CalDAV/CalDavBackend.php @@ -37,6 +37,7 @@ use OCA\DAV\Connector\Sabre\Principal; use OCA\DAV\DAV\Sharing\Backend; use OCP\IDBConnection; use OCP\IGroupManager; +use OCP\ILogger; use OCP\IUser; use OCP\IUserManager; use OCP\Security\ISecureRandom; @@ -56,6 +57,8 @@ use Sabre\VObject\Component\VCalendar; use Sabre\VObject\Component\VEvent; use Sabre\VObject\Component\VTimeZone; use Sabre\VObject\DateTimeParser; +use Sabre\VObject\InvalidDataException; +use Sabre\VObject\ParseException; use Sabre\VObject\Property; use Sabre\VObject\Reader; use Sabre\VObject\Recur\EventIterator; @@ -152,6 +155,9 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription /** @var ISecureRandom */ private $random; + /** @var ILogger */ + private $logger; + /** @var EventDispatcherInterface */ private $dispatcher; @@ -169,6 +175,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription * @param IUserManager $userManager * @param IGroupManager $groupManager * @param ISecureRandom $random + * @param ILogger $logger * @param EventDispatcherInterface $dispatcher * @param bool $legacyEndpoint */ @@ -177,6 +184,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription IUserManager $userManager, IGroupManager $groupManager, ISecureRandom $random, + ILogger $logger, EventDispatcherInterface $dispatcher, $legacyEndpoint = false) { $this->db = $db; @@ -184,6 +192,7 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription $this->userManager = $userManager; $this->sharingBackend = new Backend($this->db, $this->userManager, $groupManager, $principalBackend, 'calendar'); $this->random = $random; + $this->logger = $logger; $this->dispatcher = $dispatcher; $this->legacyEndpoint = $legacyEndpoint; } @@ -1219,7 +1228,25 @@ class CalDavBackend extends AbstractBackend implements SyncSupport, Subscription $result = []; while($row = $stmt->fetch(\PDO::FETCH_ASSOC)) { if ($requirePostFilter) { - if (!$this->validateFilterForObject($row, $filters)) { + // validateFilterForObject will parse the calendar data + // catch parsing errors + try { + $matches = $this->validateFilterForObject($row, $filters); + } catch(ParseException $ex) { + $this->logger->logException($ex, [ + 'app' => 'dav', + 'message' => 'Caught parsing exception for calendar data. This usually indicates invalid calendar data. calendar-id:'.$calendarId.' uri:'.$row['uri'] + ]); + continue; + } catch (InvalidDataException $ex) { + $this->logger->logException($ex, [ + 'app' => 'dav', + 'message' => 'Caught invalid data exception for calendar data. This usually indicates invalid calendar data. calendar-id:'.$calendarId.' uri:'.$row['uri'] + ]); + continue; + } + + if (!$matches) { continue; } } |