Skip to content

[stable34] fix(files_sharing): reject custom share tokens longer than the db column#61676

Merged
artonge merged 2 commits into
stable34from
backport/61630/stable34
Jul 1, 2026
Merged

[stable34] fix(files_sharing): reject custom share tokens longer than the db column#61676
artonge merged 2 commits into
stable34from
backport/61630/stable34

Conversation

@backportbot

@backportbot backportbot Bot commented Jun 30, 2026

Copy link
Copy Markdown

Backport of PR #61630

amitmishra11 and others added 2 commits June 30, 2026 13:58
…se column

validateToken() only checked for an empty string and an invalid
character set, not length. A custom share token longer than 32
characters passes validation, then fails at the database layer
(oc_share.token is varchar(32)) with a raw SQL exception instead of
a clear validation error.

Add a max-length check matching the column size, and mention the
limit in the existing error message.

Assisted-by: ClaudeCode:claude-sonnet-4-6
Signed-off-by: Amit Mishra <amit.mishra.eee21@itbhu.ac.in>
Co-authored-by: Josh <josh.t.richards@gmail.com>
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
@backportbot backportbot Bot requested a review from a team as a code owner June 30, 2026 13:59
@backportbot backportbot Bot requested review from Altahrim, CarlSchwan, icewind1991, joshtrichards, leftybournes, provokateurin, salmart-dev and susnux and removed request for a team June 30, 2026 13:59
@backportbot backportbot Bot added bug 3. to review Waiting for reviews feature: sharing AI assisted community pull requests from community labels Jun 30, 2026
@backportbot backportbot Bot added this to the Nextcloud 34.0.2 milestone Jun 30, 2026
@joshtrichards joshtrichards added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Jun 30, 2026
@artonge artonge merged commit 12b2db0 into stable34 Jul 1, 2026
182 of 186 checks passed
@artonge artonge deleted the backport/61630/stable34 branch July 1, 2026 16:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

4. to release Ready to be released and/or waiting for tests to finish AI assisted bug community pull requests from community feature: sharing

5 participants