From c938035ec186534caaba9c6fdab4eac63d8b9af1 Mon Sep 17 00:00:00 2001 From: Greyson Parrelli Date: Wed, 10 May 2023 17:30:15 -0400 Subject: [PATCH] Improve error handling around unknown UUIDs. --- .../messages/DataMessageProcessor.kt | 7 ++++- .../api/messages/EnvelopeContentValidator.kt | 26 +++++++++++-------- .../signalservice/api/util/UuidUtil.java | 1 + 3 files changed, 22 insertions(+), 12 deletions(-) diff --git a/app/src/main/java/org/thoughtcrime/securesms/messages/DataMessageProcessor.kt b/app/src/main/java/org/thoughtcrime/securesms/messages/DataMessageProcessor.kt index 9cc2d2e92b..4afc7c2286 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/messages/DataMessageProcessor.kt +++ b/app/src/main/java/org/thoughtcrime/securesms/messages/DataMessageProcessor.kt @@ -446,6 +446,11 @@ object DataMessageProcessor { val targetAuthorServiceId: ServiceId = ServiceId.parseOrThrow(message.reaction.targetAuthorUuid) val targetSentTimestamp = message.reaction.targetSentTimestamp + if (targetAuthorServiceId.isUnknown) { + warn(envelope.timestamp, "Reaction was to an unknown UUID! Ignoring the message.") + return null + } + if (!EmojiUtil.isEmoji(emoji)) { warn(envelope.timestamp, "Reaction text is not a valid emoji! Ignoring the message.") return null @@ -962,7 +967,7 @@ object DataMessageProcessor { .mapNotNull { val serviceId = ServiceId.parseOrNull(it.mentionUuid) - if (serviceId != null) { + if (serviceId != null && !serviceId.isUnknown) { val id = Recipient.externalPush(serviceId).id Mention(id, it.start, it.length) } else { diff --git a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/messages/EnvelopeContentValidator.kt b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/messages/EnvelopeContentValidator.kt index de3acb60c0..cb31eae6fa 100644 --- a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/messages/EnvelopeContentValidator.kt +++ b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/messages/EnvelopeContentValidator.kt @@ -66,7 +66,7 @@ object EnvelopeContentValidator { Result.Invalid("[DataMessage] Timestamps don't match! envelope: ${envelope.timestamp}, content: ${dataMessage.timestamp}") } - if (dataMessage.hasQuote() && dataMessage.quote.authorUuid.isNullOrInvalidUuid()) { + if (dataMessage.hasQuote() && dataMessage.quote.authorUuid.isNullOrInvalidOrUnknownUuid()) { return Result.Invalid("[DataMessage] Invalid UUID on quote!") } @@ -78,7 +78,7 @@ object EnvelopeContentValidator { return Result.Invalid("[DataMessage] Invalid AttachmentPointer on DataMessage.previewList.image!") } - if (dataMessage.bodyRangesList.any { it.hasMentionUuid() && it.mentionUuid.isNullOrInvalidUuid() }) { + if (dataMessage.bodyRangesList.any { it.hasMentionUuid() && it.mentionUuid.isNullOrInvalidOrUnknownUuid() }) { return Result.Invalid("[DataMessage] Invalid UUID on body range!") } @@ -90,7 +90,7 @@ object EnvelopeContentValidator { if (!dataMessage.reaction.hasTargetSentTimestamp()) { return Result.Invalid("[DataMessage] Missing timestamp on DataMessage.reaction!") } - if (dataMessage.reaction.targetAuthorUuid.isNullOrInvalidUuid()) { + if (dataMessage.reaction.targetAuthorUuid.isNullOrInvalidOrUnknownUuid()) { return Result.Invalid("[DataMessage] Invalid UUID on DataMessage.reaction!") } } @@ -99,7 +99,7 @@ object EnvelopeContentValidator { return Result.Invalid("[DataMessage] Missing timestamp on DataMessage.delete!") } - if (dataMessage.hasStoryContext() && dataMessage.storyContext.authorUuid.isNullOrInvalidUuid()) { + if (dataMessage.hasStoryContext() && dataMessage.storyContext.authorUuid.isNullOrInvalidOrUnknownUuid()) { return Result.Invalid("[DataMessage] Invalid UUID on DataMessage.storyContext!") } @@ -164,19 +164,19 @@ object EnvelopeContentValidator { } } - if (syncMessage.readList.any { it.senderUuid.isNullOrInvalidUuid() }) { + if (syncMessage.readList.any { it.senderUuid.isNullOrInvalidOrUnknownUuid() }) { return Result.Invalid("[SyncMessage] Invalid UUID in SyncMessage.readList!") } - if (syncMessage.viewedList.any { it.senderUuid.isNullOrInvalidUuid() }) { + if (syncMessage.viewedList.any { it.senderUuid.isNullOrInvalidOrUnknownUuid() }) { return Result.Invalid("[SyncMessage] Invalid UUID in SyncMessage.viewList!") } - if (syncMessage.hasViewOnceOpen() && syncMessage.viewOnceOpen.senderUuid.isNullOrInvalidUuid()) { + if (syncMessage.hasViewOnceOpen() && syncMessage.viewOnceOpen.senderUuid.isNullOrInvalidOrUnknownUuid()) { return Result.Invalid("[SyncMessage] Invalid UUID in SyncMessage.viewOnceOpen!") } - if (syncMessage.hasVerified() && syncMessage.verified.destinationUuid.isNullOrInvalidUuid()) { + if (syncMessage.hasVerified() && syncMessage.verified.destinationUuid.isNullOrInvalidOrUnknownUuid()) { return Result.Invalid("[SyncMessage] Invalid UUID in SyncMessage.verified!") } @@ -184,11 +184,11 @@ object EnvelopeContentValidator { return Result.Invalid("[SyncMessage] Missing packId in stickerPackOperationList!") } - if (syncMessage.hasBlocked() && syncMessage.blocked.uuidsList.any { it.isNullOrInvalidUuid() }) { + if (syncMessage.hasBlocked() && syncMessage.blocked.uuidsList.any { it.isNullOrInvalidOrUnknownUuid() }) { return Result.Invalid("[SyncMessage] Invalid UUID in SyncMessage.blocked!") } - if (syncMessage.hasMessageRequestResponse() && !syncMessage.messageRequestResponse.hasGroupId() && syncMessage.messageRequestResponse.threadUuid.isNullOrInvalidUuid()) { + if (syncMessage.hasMessageRequestResponse() && !syncMessage.messageRequestResponse.hasGroupId() && syncMessage.messageRequestResponse.threadUuid.isNullOrInvalidOrUnknownUuid()) { return Result.Invalid("[SyncMessage] Invalid UUID in SyncMessage.messageRequestResponse!") } @@ -254,7 +254,7 @@ object EnvelopeContentValidator { return Result.Invalid("[EditMessage] Invalid AttachmentPointer on DataMessage.previewList.image!") } - if (dataMessage.bodyRangesList.any { it.hasMentionUuid() && it.mentionUuid.isNullOrInvalidUuid() }) { + if (dataMessage.bodyRangesList.any { it.hasMentionUuid() && it.mentionUuid.isNullOrInvalidOrUnknownUuid() }) { return Result.Invalid("[EditMessage] Invalid UUID on body range!") } @@ -281,6 +281,10 @@ object EnvelopeContentValidator { return UuidUtil.isUuid(this) } + private fun String?.isNullOrInvalidOrUnknownUuid(): Boolean { + return !UuidUtil.isUuid(this) || this == UuidUtil.UNKNOWN_UUID_STRING + } + private fun String?.isNullOrInvalidUuid(): Boolean { return !UuidUtil.isUuid(this) } diff --git a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/util/UuidUtil.java b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/util/UuidUtil.java index 0a9c0cb5b3..9bd8d49d27 100644 --- a/libsignal/service/src/main/java/org/whispersystems/signalservice/api/util/UuidUtil.java +++ b/libsignal/service/src/main/java/org/whispersystems/signalservice/api/util/UuidUtil.java @@ -13,6 +13,7 @@ import java.util.regex.Pattern; public final class UuidUtil { public static final UUID UNKNOWN_UUID = new UUID(0, 0); + public static final String UNKNOWN_UUID_STRING = UNKNOWN_UUID.toString(); private static final Pattern UUID_PATTERN = Pattern.compile("[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}", Pattern.CASE_INSENSITIVE);