From: Stefan <Stefan_Hahn1@gmx.net>
Date: Fri, 2 Sep 2016 15:27:42 +0000 (+0200)
Subject: Add length check for package name
X-Git-Tag: 3.0.0_Beta_1~322^2~3
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=e48ab9329bc522b5e3ff7ed35666ca17a6b7f4af;p=GitHub%2FWoltLab%2FWCF.git

Add length check for package name
---

diff --git a/wcfsetup/install/files/lib/data/package/Package.class.php b/wcfsetup/install/files/lib/data/package/Package.class.php
index aa7d97429d..a82dde7d82 100644
--- a/wcfsetup/install/files/lib/data/package/Package.class.php
+++ b/wcfsetup/install/files/lib/data/package/Package.class.php
@@ -239,6 +239,8 @@ class Package extends DatabaseObject {
 	 * A valid package name begins with at least one alphanumeric character
 	 * or an underscore, followed by a dot, followed by at least one alphanumeric
 	 * character or an underscore and the same again, possibly repeatedly.
+	 * The package name cannot be any longer than 191 characters in total due to
+	 * internal database character encoding limitations.
 	 * Example:
 	 * 	com.woltlab.wcf
 	 * 
@@ -250,6 +252,10 @@ class Package extends DatabaseObject {
 	 * @return	boolean		isValid
 	 */
 	public static function isValidPackageName($packageName) {
+		if (mb_strlen($packageName) < 3 || mb_strlen($packageName) > 191) {
+			return false;
+		}
+		
 		return preg_match('%^[a-zA-Z0-9_-]+\.[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$%', $packageName);
 	}