diff options
| author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2021-01-20 18:53:32 +0300 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2021-01-20 19:05:17 +0300 |
| commit | 9672ed6ca5cfe7a57e91afeb9cc6eaa4f8d159b9 (patch) | |
| tree | c6eedf7a1fc7d78c53f878c83166f16d5e78dba2 /lib/UserBackend.php | |
| parent | b05f6f95892dd591096fd7abb0b6b4efbc55bc94 (diff) | |
make testEncodedObjectGUID more robust against false positives
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'lib/UserBackend.php')
| -rw-r--r-- | lib/UserBackend.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/UserBackend.php b/lib/UserBackend.php index b65bccf9..dcec830a 100644 --- a/lib/UserBackend.php +++ b/lib/UserBackend.php @@ -702,6 +702,11 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend { * */ public function testEncodedObjectGUID(string $uid): string { + if (preg_match('/[^a-zA-Z0-9=+\/]/', $uid) !== 0) { + // certainly not encoded + return $uid; + } + $candidate = base64_decode($uid, false); if($candidate === false) { return $uid; |