From e7ad0448261a6706053749ea7eaf4c34ddef17ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Mon, 23 Dec 2019 11:57:41 +0100
Subject: [PATCH] Validate check array in the backend
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 apps/workflowengine/lib/Manager.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/apps/workflowengine/lib/Manager.php b/apps/workflowengine/lib/Manager.php
index bd71e7bb3c6..7e447a38a01 100644
--- a/apps/workflowengine/lib/Manager.php
+++ b/apps/workflowengine/lib/Manager.php
@@ -467,9 +467,16 @@ class Manager implements IManager {
 
 		$this->validateEvents($entity, $events, $instance);
 
+		if (count($checks) === 0) {
+			throw new \UnexpectedValueException($this->l->t('At least one check needs to be provided'));
+		}
 		$instance->validateOperation($name, $checks, $operation);
 
 		foreach ($checks as $check) {
+			if (!is_string($check['class'])) {
+				throw new \UnexpectedValueException($this->l->t('Invalid check provided'));
+			}
+
 			try {
 				/** @var ICheck $instance */
 				$instance = $this->container->query($check['class']);
-- 
GitLab