aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorernolf <raphael.gradenwitz@googlemail.com>2024-08-20 12:33:28 +0200
committerbackportbot[bot] <backportbot[bot]@users.noreply.github.com>2024-09-26 10:38:40 +0000
commit0a9cad04554d841fbe7ae3bd6dabf5039f951fa1 (patch)
tree0fcdc7636b226d01fb4079e09b53f925f97fc172 /lib
parent8446a1eb4c5c657daa4c8d104efd262ac9c5e6cb (diff)
downloadnextcloud-server-0a9cad04554d841fbe7ae3bd6dabf5039f951fa1.tar.gz
nextcloud-server-0a9cad04554d841fbe7ae3bd6dabf5039f951fa1.zip
fix(share): Ensure unique share tokensbackport/48142/stable29
- check for token collisions and retry up to three times. - throw after 3 attempts without finding a unique token. Signed-off-by: ernolf <raphael.gradenwitz@googlemail.com>
Diffstat (limited to 'lib')
-rw-r--r--lib/private/Share20/Manager.php22
1 files changed, 17 insertions, 5 deletions
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php
index 16ada8c6c7a..bd35729cb3c 100644
--- a/lib/private/Share20/Manager.php
+++ b/lib/private/Share20/Manager.php
@@ -697,13 +697,25 @@ class Manager implements IManager {
$this->linkCreateChecks($share);
$this->setLinkParent($share);
- // For now ignore a set token.
- $share->setToken(
- $this->secureRandom->generate(
+ for ($i = 0; $i <= 3; $i++) {
+ $token = $this->secureRandom->generate(
\OC\Share\Constants::TOKEN_LENGTH,
\OCP\Security\ISecureRandom::CHAR_HUMAN_READABLE
- )
- );
+ );
+
+ try {
+ $this->getShareByToken($token);
+ } catch (\OCP\Share\Exceptions\ShareNotFound $e) {
+ // Set the unique token
+ $share->setToken($token);
+ break;
+ }
+
+ // Abort after 3 failed attempts
+ if ($i >= 3) {
+ throw new \Exception('Unable to generate a unique share token after 3 attempts.');
+ }
+ }
// Verify the expiration date
$share = $this->validateExpirationDateLink($share);