diff --git a/app/src/main/java/org/thoughtcrime/securesms/util/UriUtil.kt b/app/src/main/java/org/thoughtcrime/securesms/util/UriUtil.kt index b63769f46e..f522b9e3ef 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/util/UriUtil.kt +++ b/app/src/main/java/org/thoughtcrime/securesms/util/UriUtil.kt @@ -15,7 +15,8 @@ object UriUtil { /** * Ensures that an external URI is valid and doesn't contain any references to internal files or - * any other trickiness. + * any other trickiness. Rejects file:// URIs that reference internal storage, and content:// URIs + * whose authority belongs to this application's own content providers. */ @JvmStatic fun isValidExternalUri(context: Context, uri: Uri): Boolean { @@ -29,6 +30,9 @@ object UriUtil { } catch (e: IOException) { return false } + } else if (ContentResolver.SCHEME_CONTENT == uri.scheme) { + val authority = uri.authority ?: return false + return !authority.startsWith(context.packageName) } else { return true } diff --git a/app/src/test/java/org/thoughtcrime/securesms/util/UriUtilTest_isValidExternalUri.java b/app/src/test/java/org/thoughtcrime/securesms/util/UriUtilTest_isValidExternalUri.java index 1d499cb7d2..2538dcf32e 100644 --- a/app/src/test/java/org/thoughtcrime/securesms/util/UriUtilTest_isValidExternalUri.java +++ b/app/src/test/java/org/thoughtcrime/securesms/util/UriUtilTest_isValidExternalUri.java @@ -34,6 +34,10 @@ public class UriUtilTest_isValidExternalUri { public static Collection data() { return Arrays.asList(new Object[][]{ { "content://other.app.package.name.org/path/public.txt", true }, + { "content://" + APPLICATION_ID + ".part/part/42", false }, + { "content://" + APPLICATION_ID + ".blob/blob/42", false }, + { "content://" + APPLICATION_ID + ".avatar/avatar/42", false }, + { "content://" + APPLICATION_ID + ".fileprovider/external_files/f", false }, { "file:///sdcard/public.txt", true }, {"file:///data/data/" + APPLICATION_ID + "/private.txt", false }, {"file:///any/path/with/package/name/" + APPLICATION_ID, false },