diff --git a/appinfo/info.xml b/appinfo/info.xml
index b19e7d99282..20b0541fa57 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -18,7 +18,7 @@
* 🌉 **Sync with other chat solutions** With [Matterbridge](https://github.com/42wim/matterbridge/) being integrated in Talk, you can easily sync a lot of other chat solutions to Nextcloud Talk and vice-versa.
]]>
- 20.1.10
+ 20.1.11
agpl
Anna Larch
diff --git a/lib/MatterbridgeManager.php b/lib/MatterbridgeManager.php
index 19a18f28855..4b210f84511 100644
--- a/lib/MatterbridgeManager.php
+++ b/lib/MatterbridgeManager.php
@@ -111,7 +111,7 @@ public function editBridgeOfRoom(Room $room, string $userId, bool $enabled, arra
$newBridge = [
'enabled' => $enabled,
'pid' => $currentBridge['pid'] ?? 0,
- 'parts' => $parts,
+ 'parts' => $this->validateParts($parts),
];
$this->notify($room, $userId, $currentBridge, $newBridge);
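Review bot: The rejection that `validateParts()` logs carries neither the acting user nor the room, although `$userId` and `$room` are both in scope at this call site, so the log entry cannot be tied to an account or conversation during triage. Consider catching the exception here, logging with context and rethrowing, for example `$this->logger->error('Rejected matterbridge parts', ['user' => $userId, 'room' => $room->getToken()]);`. Whether the callers of `editBridgeOfRoom()` turn the `\InvalidArgumentException` into a client error response is not visible here and is worth confirming. The function body starts and ends outside the hunk.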
@@ -335,6 +335,7 @@ private function generatePassword(): string {
private function generateConfig(array $bridge): string {
$content = '';
foreach ($bridge['parts'] as $k => $part) {
+ $k = (int)$k;
$type = $part['type'];
if ($type === 'nctalk') {
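Review bot: Only the part index is normalised here; the values inside `$part` still reach the generated configuration unchecked when the bridge data was stored before `validateParts()` existed. If already-saved bridges can reach `generateConfig()` without passing through `editBridgeOfRoom()` again, running the same validation before the loop, e.g. `$bridge['parts'] = $this->validateParts($bridge['parts']);`, would cover them. A short comment on the cast, such as `// the index is written into the config, force it to an integer`, would record why it is there; that purpose is inferred from the change, since the rest of the loop body is outside the hunk.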
@@ -494,6 +495,22 @@ private function generateConfig(array $bridge): string {
return $content;
}
+ protected function validateParts(array $parts): array {
+ foreach ($parts as $k => $part) {
+ if (!is_numeric($k)) {
+ $this->logger->error('User tried to configure a malicious matterbridge setup');
+ throw new \InvalidArgumentException('Invalid matterbridge parameters');
+ }
+ foreach ($part as $key => $value) {
+ if (preg_match('/["\n]/', $key) || preg_match('/["\n]/', $value)) {
+ $this->logger->error('User tried to configure a malicious matterbridge setup');
+ throw new \InvalidArgumentException('Invalid matterbridge parameters');
+ }
+ }
+ }
+ return $parts;
+ }
+
/**
* Remove the scheme from an URL and add port
*
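Review bot: `validateParts()` assumes every `$part` is an array and every `$value` a string: a scalar part makes the inner `foreach` emit a warning and skip the check, and an array value passed to `preg_match()` raises a `TypeError` instead of the intended `\InvalidArgumentException`. Guard both first, e.g. `if (!is_array($part)) { throw new \InvalidArgumentException('Invalid matterbridge parameters'); }` and `if (!is_scalar($value) || preg_match('/["\r\n]/', (string)$key) || preg_match('/["\r\n]/', (string)$value)) {`. The character class is a denylist of `"` and `\n` only; depending on how the configuration format treats carriage returns and backslashes (the code that writes the values is outside this hunk), those may need rejecting as well, or each field could be restricted with an allowlist. `is_numeric($k)` also accepts keys such as `1.5` or `1e3`, which the `(int)` cast in `generateConfig()` collapses onto other indexes; `ctype_digit((string)$k)` is stricter. A docblock with `@throws \InvalidArgumentException` would document the contract for callers.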
diff --git a/package-lock.json b/package-lock.json
index dd62e9d99c3..c5cb72e8e22 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
{
"name": "talk",
- "version": "20.1.10",
+ "version": "20.1.11",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "talk",
- "version": "20.1.10",
+ "version": "20.1.11",
"license": "agpl",
"dependencies": {
"@linusborg/vue-simple-portal": "^0.1.5",
diff --git a/package.json b/package.json
index 16ab5121052..11a145889e9 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "talk",
- "version": "20.1.10",
+ "version": "20.1.11",
"private": true,
"description": "",
"author": "Joas Schilling ",
diff --git a/tests/integration/features/bootstrap/FeatureContext.php b/tests/integration/features/bootstrap/FeatureContext.php
index c4f68769f8d..93e16874496 100644
--- a/tests/integration/features/bootstrap/FeatureContext.php
+++ b/tests/integration/features/bootstrap/FeatureContext.php
@@ -1221,11 +1221,12 @@ public function userGetsTheRoomForPath(string $user, string $path, int $statusCo
}
/**
+ * @Then /^user "([^"]*)" propfinds path "([^"]*)"$/
* @param string $user
* @param string $path
* @return int
*/
- private function getFileIdForPath($user, $path) {
+ public function getFileIdForPath($user, $path) {
$this->setCurrentUser($user);
$url = "/$user/$path";
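Review bot: Making `getFileIdForPath()` public and tagging it `@Then` turns a value-returning helper into a step definition; the returned id has no consumer when it runs as a step, and the visible side effect is `setCurrentUser($user)`, which changes the acting user for whatever runs next. A dedicated step method that wraps the helper would keep the helper private and make the intent explicit, e.g. `public function userPropfindsPath(string $user, string $path): void { $this->getFileIdForPath($user, $path); }` carrying the annotation. The feature file invokes the step with `When`, so `@When` would match its use more closely than `@Then`. The function body continues outside the hunk.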
diff --git a/tests/integration/features/conversation-2/files.feature b/tests/integration/features/conversation-2/files.feature
index a2e16ce64f4..d052da89575 100644
--- a/tests/integration/features/conversation-2/files.feature
+++ b/tests/integration/features/conversation-2/files.feature
@@ -58,6 +58,8 @@ Feature: conversation/files
Given user "participant1" shares "welcome.txt" with user "participant2" with OCS 100
And user "participant2" accepts last share
And user "participant1" deletes last share
+ # FIXME Temporary workaround, should be removed when possible. See https://github.com/nextcloud/spreed/pull/15726 for details
+ When user "participant2" propfinds path "welcome.txt"
When user "participant1" gets the room for path "welcome.txt" with 404 (v1)