Domain is passed as a REGEX pattern, not a literal string.

This change ensures consistency with how paths are parsed when updating a domain path.

The modified line was passing the domain name as a literal string, but it is actually interpreted as a regular expression internally.

I couldn’t find a way to exploit this issue, but it could still cause data corruption if a domain name accidentally contains regex metacharacters.

Note that this same technique is already used in a similar situation on line 1118.

A common example is when an organization uses its DNS name as the "domain" (tenant), like `company.com`.

In this case, the `.` (dot) is treated as a regex wildcard, meaning it can match any character...

Author: daviftorres

server/src/main/java/com/cloud/user/DomainManagerImpl.java

@@ -938,7 +938,7 @@ private void updateDomainChildren(DomainVO domain, String updatedDomainPrefix) {
         List<DomainVO> domainChildren = _domainDao.findAllChildren(domain.getPath(), domain.getId());
         // for each child, update the path
         for (DomainVO dom : domainChildren) {
-            dom.setPath(dom.getPath().replaceFirst(domain.getPath(), updatedDomainPrefix));
+            dom.setPath(StringUtils.replaceOnce(dom.getPath(), domain.getPath(), updatedDomainPrefix));
             _domainDao.update(dom.getId(), dom);
         }
     }