From 945cdc934c2011a7df29f859c95db5ba74e4cd0f Mon Sep 17 00:00:00 2001
From: Umar Getagazov <umar@handlerug.me>
Date: Sun, 21 Aug 2022 16:18:28 +0300
Subject: [PATCH] Fix hyphaNamePattern regexp

There wasn't actually a vulnerability AFAIC because hypha names are
passed through CanonicalName which strips those characters, but fix it
anyway for the sake of correctness.
---
 hyphae/hypha.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hyphae/hypha.go b/hyphae/hypha.go
index e531c81..63b4a3e 100644
--- a/hyphae/hypha.go
+++ b/hyphae/hypha.go
@@ -8,7 +8,7 @@ import (
 )
 
 // hyphaNamePattern is a pattern which all hyphae names must match.
-var hyphaNamePattern = regexp.MustCompile(`[^?!:#@><*|"'&%{}]+`)
+var hyphaNamePattern = regexp.MustCompile(`^[^?!:#@><*|"'&%{}]+$`)
 
 // IsValidName checks for invalid characters and path traversals.
 func IsValidName(hyphaName string) bool {