From: Marcin Haba <marcin.haba@bacula.pl>
Date: Tue, 28 Mar 2023 08:37:11 +0000 (+0200)
Subject: baculum: Extend object name validation pattern
X-Git-Tag: Release-13.0.3~99
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c68de4bbc3a8b2c46aa7c5d6f299491c38d443d;p=thirdparty%2Fbacula.git

baculum: Extend object name validation pattern
---

diff --git a/gui/baculum/protected/API/Pages/API/Objects.php b/gui/baculum/protected/API/Pages/API/Objects.php
index 264933f70..c893d078d 100644
--- a/gui/baculum/protected/API/Pages/API/Objects.php
+++ b/gui/baculum/protected/API/Pages/API/Objects.php
@@ -37,7 +37,7 @@ class Objects extends BaculumAPIServer {
 		$limit = $this->Request->contains('limit') && $misc->isValidInteger($this->Request['limit']) ? (int)$this->Request['limit'] : 0;
 		$offset = $this->Request->contains('offset') && $misc->isValidInteger($this->Request['offset']) ? (int)$this->Request['offset'] : 0;
 		$objecttype = $this->Request->contains('objecttype') && $misc->isValidName($this->Request['objecttype']) ? $this->Request['objecttype'] : null;
-		$objectname = $this->Request->contains('objectname') && $misc->isValidName($this->Request['objectname']) ? $this->Request['objectname'] : null;
+		$objectname = $this->Request->contains('objectname') && $misc->isValidNameExt($this->Request['objectname']) ? $this->Request['objectname'] : null;
 		$objectcategory = $this->Request->contains('objectcategory') && $misc->isValidName($this->Request['objectcategory']) ? $this->Request['objectcategory'] : null;
 		$objectsource = $this->Request->contains('objectsource') && $misc->isValidName($this->Request['objectsource']) ? $this->Request['objectsource'] : null;
 		$objectuuid = $this->Request->contains('objectuuid') && $misc->isValidName($this->Request['objectuuid']) ? $this->Request['objectuuid'] : null;
diff --git a/gui/baculum/protected/Common/Modules/Miscellaneous.php b/gui/baculum/protected/Common/Modules/Miscellaneous.php
index a2698e6a8..45b57718b 100644
--- a/gui/baculum/protected/Common/Modules/Miscellaneous.php
+++ b/gui/baculum/protected/Common/Modules/Miscellaneous.php
@@ -225,7 +225,7 @@ class Miscellaneous extends TModule {
 	}
 
 	public function isValidNameExt($name_ext) {
-		return (preg_match('/^[\w:\.\-\s\*=]{1,127}$/', $name_ext) === 1);
+		return (preg_match('/^[\w:\.\-\s\*=@]{1,127}$/', $name_ext) === 1);
 	}
 
 	public function isValidState($state) {