Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-21 09:10:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Throw error for oversized inbound noise messages

Browse Source
This commit is contained in:
Ravi Khadiwala
2024-07-23 17:03:24 -05:00
committed by ravi-signal
parent 3d96d73169
commit 3a582721cf
5 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
service/src/test/java/org/whispersystems/textsecuregcm/grpc/net/AbstractNoiseHandlerTest.java
View File

@@ -6,6 +6,7 @@ import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertInstanceOf;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
import com.southernstorm.noise.protocol.CipherStatePair;
@@ -284,4 +285,11 @@ abstract class AbstractNoiseHandlerTest extends AbstractLeakDetectionTest {
}
@Test
public void writeHugeInboundMessage() throws Throwable {
doHandshake();
final byte[] big = TestRandomUtil.nextBytes(Noise.MAX_PACKET_LEN + 1);
embeddedChannel.pipeline().fireChannelRead(new BinaryWebSocketFrame(Unpooled.wrappedBuffer(big)));
assertThrows(NoiseException.class, embeddedChannel::checkException);
}
}

12
service/src/test/java/org/whispersystems/textsecuregcm/grpc/net/NoiseAuthenticatedHandlerTest.java
View File

@@ -14,6 +14,7 @@ import static org.mockito.Mockito.when;
import com.southernstorm.noise.protocol.CipherStatePair;
import com.southernstorm.noise.protocol.HandshakeState;
import com.southernstorm.noise.protocol.Noise;
import io.netty.buffer.Unpooled;
import io.netty.channel.ChannelFuture;
import io.netty.channel.embedded.EmbeddedChannel;
@@ -35,6 +36,7 @@ import org.signal.libsignal.protocol.ecc.ECPublicKey;
import org.whispersystems.textsecuregcm.auth.grpc.AuthenticatedDevice;
import org.whispersystems.textsecuregcm.storage.ClientPublicKeysManager;
import org.whispersystems.textsecuregcm.storage.Device;
import org.whispersystems.textsecuregcm.util.TestRandomUtil;
import org.whispersystems.textsecuregcm.util.UUIDUtil;
class NoiseAuthenticatedHandlerTest extends AbstractNoiseHandlerTest {
@@ -219,6 +221,16 @@ class NoiseAuthenticatedHandlerTest extends AbstractNoiseHandlerTest {
assertNull(embeddedChannel.outboundMessages().poll());
}
@Test
public void handleOversizeHandshakeMessage() {
final EmbeddedChannel embeddedChannel = getEmbeddedChannel();
final byte[] big = TestRandomUtil.nextBytes(Noise.MAX_PACKET_LEN + 1);
ByteBuffer.wrap(big)
.put(UUIDUtil.toBytes(UUID.randomUUID()))
.put((byte) 0x01);
assertThrows(NoiseHandshakeException.class, () -> doHandshake(big));
}
private HandshakeState clientHandshakeState() throws NoSuchAlgorithmException {
final HandshakeState clientHandshakeState =
new HandshakeState(HandshakePattern.IK.protocol(), HandshakeState.INITIATOR);