From c3f92ac5d9a127f3685e9c41e70cc775c3ed1b0b Mon Sep 17 00:00:00 2001
From: Anna Larch <anna@nextcloud.com>
Date: Fri, 30 Jun 2023 11:01:22 +0200
Subject: fix(CalDAV): check voject exists before attempting any operation

Signed-off-by: Anna Larch <anna@nextcloud.com>
---
 lib/private/Calendar/Manager.php | 40 +++++++++++++++++++++++++++++++++++-----
 1 file changed, 35 insertions(+), 5 deletions(-)

(limited to 'lib/private/Calendar')

diff --git a/lib/private/Calendar/Manager.php b/lib/private/Calendar/Manager.php
index 7ef9dc585ae..85a600e1cc8 100644
--- a/lib/private/Calendar/Manager.php
+++ b/lib/private/Calendar/Manager.php
@@ -240,12 +240,26 @@ class Manager implements IManager {
 	/**
 	 * @throws \OCP\DB\Exception
 	 */
-	public function handleIMipReply(string $principalUri, string $sender, string $recipient, string $calendarData): bool {
-		/** @var VCalendar $vObject */
+	public function handleIMipReply(
+		string $principalUri,
+		string $sender,
+		string $recipient,
+		string $calendarData,
+	): bool {
+		/** @var VCalendar $vObject|null */
 		$vObject = Reader::read($calendarData);
-		/** @var VEvent $vEvent */
+
+		if ($vObject === null) {
+			return false;
+		}
+
+		/** @var VEvent|null $vEvent */
 		$vEvent = $vObject->{'VEVENT'};
 
+		if ($vEvent === null) {
+			return false;
+		}
+
 		// First, we check if the correct method is passed to us
 		if (strcasecmp('REPLY', $vObject->{'METHOD'}->getValue()) !== 0) {
 			$this->logger->warning('Wrong method provided for processing');
@@ -309,11 +323,27 @@ class Manager implements IManager {
 	 * @since 25.0.0
 	 * @throws \OCP\DB\Exception
 	 */
-	public function handleIMipCancel(string $principalUri, string $sender, ?string $replyTo, string $recipient, string $calendarData): bool {
+	public function handleIMipCancel(
+		string $principalUri,
+		string $sender,
+		?string $replyTo,
+		string $recipient,
+		string $calendarData,
+	): bool {
+		/** @var VCalendar $vObject|null */
 		$vObject = Reader::read($calendarData);
-		/** @var VEvent $vEvent */
+
+		if ($vObject === null) {
+			return false;
+		}
+
+		/** @var VEvent|null $vEvent */
 		$vEvent = $vObject->{'VEVENT'};
 
+		if ($vEvent === null) {
+			return false;
+		}
+
 		// First, we check if the correct method is passed to us
 		if (strcasecmp('CANCEL', $vObject->{'METHOD'}->getValue()) !== 0) {
 			$this->logger->warning('Wrong method provided for processing');
-- 
cgit v1.2.3