Better validate event contents
This commit is contained in:
parent
00be163153
commit
fd406987c1
|
@ -448,7 +448,7 @@ class KeyManager {
|
||||||
/// Handle an incoming to_device event that is related to key sharing
|
/// Handle an incoming to_device event that is related to key sharing
|
||||||
Future<void> handleToDeviceEvent(ToDeviceEvent event) async {
|
Future<void> handleToDeviceEvent(ToDeviceEvent event) async {
|
||||||
if (event.type == 'm.room_key_request') {
|
if (event.type == 'm.room_key_request') {
|
||||||
if (!event.content.containsKey('request_id')) {
|
if (!(event.content['request_id'] is String)) {
|
||||||
return; // invalid event
|
return; // invalid event
|
||||||
}
|
}
|
||||||
if (event.content['action'] == 'request') {
|
if (event.content['action'] == 'request') {
|
||||||
|
|
|
@ -1345,7 +1345,7 @@ class MatrixApi {
|
||||||
.codeUnits
|
.codeUnits
|
||||||
: await streamedResponse.stream.first),
|
: await streamedResponse.stream.first),
|
||||||
);
|
);
|
||||||
if (!jsonResponse.containsKey('content_uri')) {
|
if (!(jsonResponse['content_uri'] is String)) {
|
||||||
throw MatrixException.fromJson(jsonResponse);
|
throw MatrixException.fromJson(jsonResponse);
|
||||||
}
|
}
|
||||||
return jsonResponse['content_uri'];
|
return jsonResponse['content_uri'];
|
||||||
|
|
|
@ -28,7 +28,7 @@ class LoginResponse {
|
||||||
userId = json['user_id'];
|
userId = json['user_id'];
|
||||||
accessToken = json['access_token'];
|
accessToken = json['access_token'];
|
||||||
deviceId = json['device_id'];
|
deviceId = json['device_id'];
|
||||||
if (json.containsKey('well_known')) {
|
if (json['well_known'] is Map) {
|
||||||
wellKnownInformations =
|
wellKnownInformations =
|
||||||
WellKnownInformations.fromJson(json['well_known']);
|
WellKnownInformations.fromJson(json['well_known']);
|
||||||
}
|
}
|
||||||
|
|
|
@ -324,7 +324,7 @@ class Database extends _$Database {
|
||||||
|
|
||||||
// is there a transaction id? Then delete the event with this id.
|
// is there a transaction id? Then delete the event with this id.
|
||||||
if (status != -1 &&
|
if (status != -1 &&
|
||||||
eventUpdate.content.containsKey('unsigned') &&
|
eventUpdate.content['unsigned'] is Map &&
|
||||||
eventUpdate.content['unsigned']['transaction_id'] is String) {
|
eventUpdate.content['unsigned']['transaction_id'] is String) {
|
||||||
await removeEvent(clientId,
|
await removeEvent(clientId,
|
||||||
eventUpdate.content['unsigned']['transaction_id'], chatId);
|
eventUpdate.content['unsigned']['transaction_id'], chatId);
|
||||||
|
|
|
@ -60,7 +60,7 @@ class Event extends MatrixEvent {
|
||||||
|
|
||||||
/// Optional. The event that redacted this event, if any. Otherwise null.
|
/// Optional. The event that redacted this event, if any. Otherwise null.
|
||||||
Event get redactedBecause =>
|
Event get redactedBecause =>
|
||||||
unsigned != null && unsigned.containsKey('redacted_because')
|
unsigned != null && unsigned['redacted_because'] is Map
|
||||||
? Event.fromJson(unsigned['redacted_because'], room)
|
? Event.fromJson(unsigned['redacted_because'], room)
|
||||||
: null;
|
: null;
|
||||||
|
|
||||||
|
@ -206,7 +206,7 @@ class Event extends MatrixEvent {
|
||||||
unsigned: unsigned,
|
unsigned: unsigned,
|
||||||
room: room);
|
room: room);
|
||||||
|
|
||||||
String get messageType => (content.containsKey('m.relates_to') &&
|
String get messageType => (content['m.relates_to'] is Map &&
|
||||||
content['m.relates_to']['m.in_reply_to'] != null)
|
content['m.relates_to']['m.in_reply_to'] != null)
|
||||||
? MessageTypes.Reply
|
? MessageTypes.Reply
|
||||||
: content['msgtype'] ?? MessageTypes.Text;
|
: content['msgtype'] ?? MessageTypes.Text;
|
||||||
|
@ -353,8 +353,8 @@ class Event extends MatrixEvent {
|
||||||
|
|
||||||
bool get hasThumbnail =>
|
bool get hasThumbnail =>
|
||||||
content['info'] is Map<String, dynamic> &&
|
content['info'] is Map<String, dynamic> &&
|
||||||
(content['info'].containsKey('thumbnail_url') ||
|
(content['info']['thumbnail_url'] is String ||
|
||||||
content['info'].containsKey('thumbnail_file'));
|
content['info']['thumbnail_file'] is Map);
|
||||||
|
|
||||||
/// Downloads (and decryptes if necessary) the attachment of this
|
/// Downloads (and decryptes if necessary) the attachment of this
|
||||||
/// event and returns it as a [MatrixFile]. If this event doesn't
|
/// event and returns it as a [MatrixFile]. If this event doesn't
|
||||||
|
@ -366,16 +366,16 @@ class Event extends MatrixEvent {
|
||||||
throw ("This event has the type '$type' and so it can't contain an attachment.");
|
throw ("This event has the type '$type' and so it can't contain an attachment.");
|
||||||
}
|
}
|
||||||
if (!getThumbnail &&
|
if (!getThumbnail &&
|
||||||
!content.containsKey('url') &&
|
!(content['url'] is String) &&
|
||||||
!content.containsKey('file')) {
|
!(content['file'] is Map)) {
|
||||||
throw ("This event hasn't any attachment.");
|
throw ("This event hasn't any attachment.");
|
||||||
}
|
}
|
||||||
if (getThumbnail && !hasThumbnail) {
|
if (getThumbnail && !hasThumbnail) {
|
||||||
throw ("This event hasn't any thumbnail.");
|
throw ("This event hasn't any thumbnail.");
|
||||||
}
|
}
|
||||||
final isEncrypted = getThumbnail
|
final isEncrypted = getThumbnail
|
||||||
? !content['info'].containsKey('thumbnail_url')
|
? !(content['info']['thumbnail_url'] is String)
|
||||||
: !content.containsKey('url');
|
: !(content['url'] is String);
|
||||||
|
|
||||||
if (isEncrypted && !room.client.encryptionEnabled) {
|
if (isEncrypted && !room.client.encryptionEnabled) {
|
||||||
throw ('Encryption is not enabled in your Client.');
|
throw ('Encryption is not enabled in your Client.');
|
||||||
|
|
|
@ -931,7 +931,7 @@ class Room {
|
||||||
/// Sets this room as a direct chat for this user if not already.
|
/// Sets this room as a direct chat for this user if not already.
|
||||||
Future<void> addToDirectChat(String userID) async {
|
Future<void> addToDirectChat(String userID) async {
|
||||||
var directChats = client.directChats;
|
var directChats = client.directChats;
|
||||||
if (directChats.containsKey(userID)) {
|
if (directChats[userID] is List) {
|
||||||
if (!directChats[userID].contains(id)) {
|
if (!directChats[userID].contains(id)) {
|
||||||
directChats[userID].add(id);
|
directChats[userID].add(id);
|
||||||
} else {
|
} else {
|
||||||
|
@ -952,7 +952,7 @@ class Room {
|
||||||
/// Removes this room from all direct chat tags.
|
/// Removes this room from all direct chat tags.
|
||||||
Future<void> removeFromDirectChat() async {
|
Future<void> removeFromDirectChat() async {
|
||||||
var directChats = client.directChats;
|
var directChats = client.directChats;
|
||||||
if (directChats.containsKey(directChatMatrixID) &&
|
if (directChats[directChatMatrixID] is List &&
|
||||||
directChats[directChatMatrixID].contains(id)) {
|
directChats[directChatMatrixID].contains(id)) {
|
||||||
directChats[directChatMatrixID].remove(id);
|
directChats[directChatMatrixID].remove(id);
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -147,11 +147,11 @@ class Timeline {
|
||||||
if (i < events.length) events.removeAt(i);
|
if (i < events.length) events.removeAt(i);
|
||||||
}
|
}
|
||||||
// Is this event already in the timeline?
|
// Is this event already in the timeline?
|
||||||
else if (eventUpdate.content.containsKey('unsigned') &&
|
else if (eventUpdate.content['unsigned'] is Map &&
|
||||||
eventUpdate.content['unsigned']['transaction_id'] is String) {
|
eventUpdate.content['unsigned']['transaction_id'] is String) {
|
||||||
var i = _findEvent(
|
var i = _findEvent(
|
||||||
event_id: eventUpdate.content['event_id'],
|
event_id: eventUpdate.content['event_id'],
|
||||||
unsigned_txid: eventUpdate.content.containsKey('unsigned')
|
unsigned_txid: eventUpdate.content['unsigned'] is Map
|
||||||
? eventUpdate.content['unsigned']['transaction_id']
|
? eventUpdate.content['unsigned']['transaction_id']
|
||||||
: null);
|
: null);
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue