Merge branch 'soru/fix-state-attack' into 'master'
Fix state attack See merge request famedly/famedlysdk!343
This commit is contained in:
commit
a61efa0384
|
@ -273,7 +273,7 @@ class Database extends _$Database {
|
|||
final chatId = eventUpdate.roomID;
|
||||
|
||||
// Get the state_key for state events
|
||||
var stateKey = '';
|
||||
String stateKey;
|
||||
if (eventContent['state_key'] is String) {
|
||||
stateKey = eventContent['state_key'];
|
||||
}
|
||||
|
@ -331,7 +331,10 @@ class Database extends _$Database {
|
|||
|
||||
if (type == 'history') return;
|
||||
|
||||
if (type != 'account_data') {
|
||||
if (type != 'account_data' &&
|
||||
((stateKey is String) ||
|
||||
[EventTypes.Message, EventTypes.Sticker, EventTypes.Encrypted]
|
||||
.contains(eventUpdate.eventType))) {
|
||||
final now = DateTime.now();
|
||||
await storeRoomState(
|
||||
clientId,
|
||||
|
@ -347,7 +350,7 @@ class Database extends _$Database {
|
|||
json.encode(eventContent['unsigned'] ?? ''),
|
||||
json.encode(eventContent['content']),
|
||||
json.encode(eventContent['prev_content'] ?? ''),
|
||||
stateKey,
|
||||
stateKey ?? '',
|
||||
);
|
||||
} else if (type == 'account_data') {
|
||||
await storeRoomAccountData(
|
||||
|
|
|
@ -115,7 +115,15 @@ class Room {
|
|||
print('[LibOlm] Could not decrypt room state: ' + e.toString());
|
||||
}
|
||||
}
|
||||
if ((getState(state.type)?.originServerTs?.millisecondsSinceEpoch ?? 0) >
|
||||
if (!(state.stateKey is String) &&
|
||||
![EventTypes.Message, EventTypes.Sticker, EventTypes.Encrypted]
|
||||
.contains(state.type)) {
|
||||
return;
|
||||
}
|
||||
if ((getState(state.type, state.stateKey ?? '')
|
||||
?.originServerTs
|
||||
?.millisecondsSinceEpoch ??
|
||||
0) >
|
||||
(state.originServerTs?.millisecondsSinceEpoch ?? 1)) {
|
||||
return;
|
||||
}
|
||||
|
|
|
@ -447,6 +447,45 @@ void main() {
|
|||
await room.setHistoryVisibility(HistoryVisibility.joined);
|
||||
});
|
||||
|
||||
test('setState', () async {
|
||||
// not set non-state-events
|
||||
room.setState(Event.fromJson({
|
||||
'content': {'history_visibility': 'shared'},
|
||||
'event_id': '\$143273582443PhrSn:example.org',
|
||||
'origin_server_ts': 1432735824653,
|
||||
'room_id': '!jEsUZKDJdhlrceRyVU:example.org',
|
||||
'sender': '@example:example.org',
|
||||
'type': 'm.custom',
|
||||
'unsigned': {'age': 1234}
|
||||
}, room));
|
||||
expect(room.getState('m.custom') != null, false);
|
||||
|
||||
// set state events
|
||||
room.setState(Event.fromJson({
|
||||
'content': {'history_visibility': 'shared'},
|
||||
'event_id': '\$143273582443PhrSn:example.org',
|
||||
'origin_server_ts': 1432735824653,
|
||||
'room_id': '!jEsUZKDJdhlrceRyVU:example.org',
|
||||
'sender': '@example:example.org',
|
||||
'state_key': '',
|
||||
'type': 'm.custom',
|
||||
'unsigned': {'age': 1234}
|
||||
}, room));
|
||||
expect(room.getState('m.custom') != null, true);
|
||||
|
||||
// sets messages as state events
|
||||
room.setState(Event.fromJson({
|
||||
'content': {'history_visibility': 'shared'},
|
||||
'event_id': '\$143273582443PhrSn:example.org',
|
||||
'origin_server_ts': 1432735824653,
|
||||
'room_id': '!jEsUZKDJdhlrceRyVU:example.org',
|
||||
'sender': '@example:example.org',
|
||||
'type': 'm.room.message',
|
||||
'unsigned': {'age': 1234}
|
||||
}, room));
|
||||
expect(room.getState('m.room.message') != null, true);
|
||||
});
|
||||
|
||||
test('logout', () async {
|
||||
await matrix.logout();
|
||||
});
|
||||
|
|
Loading…
Reference in a new issue