From 61ad808d26987a14dac9679bb76e3c896c38ce7f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?= Date: Thu, 11 Apr 2024 12:15:30 +0200 Subject: [PATCH] Fix validation of user field in get_user_subscriptions command I made it test for valid muc room, instead of just valid username. This should fix issue #4197 --- src/mod_muc_admin.erl | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/mod_muc_admin.erl b/src/mod_muc_admin.erl index d15138605..732644873 100644 --- a/src/mod_muc_admin.erl +++ b/src/mod_muc_admin.erl @@ -564,7 +564,7 @@ get_user_rooms(User, Server) -> end, ejabberd_option:hosts()). get_user_subscriptions(User, Server) -> - User2 = validate_muc(User, <<"user">>), + User2 = validate_user(User, <<"user">>), Server2 = validate_host(Server, <<"host">>), Services = find_services(global), UserJid = jid:make(User2, Server2), @@ -1582,6 +1582,15 @@ validate_host(Name, ArgName) -> end end. +-spec validate_user(Name :: binary(), ArgName::binary()) -> binary(). +validate_user(Name, ArgName) -> + case jid:nodeprep(Name) of + error -> + throw({error, <<"Invalid value of '",ArgName/binary,"'">>}); + Name2 -> + Name2 + end. + -spec validate_muc(Name :: binary(), ArgName::binary()) -> binary(). validate_muc(Name, ArgName) -> case jid:nameprep(Name) of