From 256fbe9d77f5413bed1bd1a39451daccdbe3517b Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Fri, 11 Nov 2022 09:37:26 +0100
Subject: Validate if the user part of a "cloud id" can even be a valid user id

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 lib/private/Federation/CloudIdManager.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'lib/private/Federation/CloudIdManager.php')

diff --git a/lib/private/Federation/CloudIdManager.php b/lib/private/Federation/CloudIdManager.php
index e4e42cb1293..85aae8e5ec5 100644
--- a/lib/private/Federation/CloudIdManager.php
+++ b/lib/private/Federation/CloudIdManager.php
@@ -125,6 +125,9 @@ class CloudIdManager implements ICloudIdManager {
 		if ($lastValidAtPos !== false) {
 			$user = substr($id, 0, $lastValidAtPos);
 			$remote = substr($id, $lastValidAtPos + 1);
+
+			$this->userManager->validateUserId($user);
+
 			if (!empty($user) && !empty($remote)) {
 				return new CloudId($id, $user, $remote, $this->getDisplayNameFromContact($id));
 			}
-- 
cgit v1.2.3