Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-21 08:28:11 +01:00
Code Issues Packages Projects Releases Wiki Activity

Validate that sourceAttachments are valid base64 strings

Browse Source
This commit is contained in:
Ravi Khadiwala
2024-08-14 17:36:30 -05:00
parent 7e353f8ea0
commit b5f9564e13
3 changed files with 77 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
service/src/main/java/org/whispersystems/textsecuregcm/controllers/ArchiveController.java
View File

@@ -65,6 +65,7 @@ import org.whispersystems.textsecuregcm.util.ByteArrayBase64UrlAdapter;
import org.whispersystems.textsecuregcm.util.ECPublicKeyAdapter;
import org.whispersystems.textsecuregcm.util.ExactlySize;
import org.whispersystems.textsecuregcm.util.Util;
import org.whispersystems.textsecuregcm.util.ValidBase64URLString;
import org.whispersystems.websocket.auth.Mutable;
import org.whispersystems.websocket.auth.ReadOnly;
import reactor.core.publisher.Mono;
@@ -464,13 +465,16 @@ public class ArchiveController {
@Schema(description = "The attachment cdn")
@NotNull
Integer cdn,
@NotBlank
@ValidBase64URLString
@Schema(description = "The attachment key")
String key) {}
public record CopyMediaRequest(
@Schema(description = "The object on the attachment CDN to copy")
@NotNull
@Valid
RemoteAttachment sourceAttachment,
@Schema(description = "The length of the source attachment before the encryption applied by the copy operation")