Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-18 05:39:53 +01:00
Code Issues Projects Releases Wiki Activity

Truncate all messages to valid length before sending.

Browse Source
This commit is contained in:
akwizgran
2016-10-19 14:23:24 +01:00
parent 9d2c56e75f
commit 06335c2c30
23 changed files with 279 additions and 163 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
briar-core/src/org/briarproject/blogs/BlogPostFactoryImpl.java
View File

@@ -11,6 +11,7 @@ import org.briarproject.api.sync.GroupId;
import org.briarproject.api.sync.Message;
import org.briarproject.api.sync.MessageId;
import org.briarproject.api.system.Clock;
import org.briarproject.util.StringUtils;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
@@ -18,6 +19,7 @@ import java.security.GeneralSecurityException;
import javax.inject.Inject;
import static org.briarproject.api.blogs.BlogConstants.MAX_BLOG_COMMENT_LENGTH;
import static org.briarproject.api.blogs.BlogConstants.MAX_BLOG_POST_BODY_LENGTH;
import static org.briarproject.api.blogs.MessageType.COMMENT;
import static org.briarproject.api.blogs.MessageType.POST;
@@ -42,7 +44,8 @@ class BlogPostFactoryImpl implements BlogPostFactory {
throws FormatException, GeneralSecurityException {
// Validate the arguments
if (body.length() > MAX_BLOG_POST_BODY_LENGTH)
int bodyLength = StringUtils.toUtf8(body).length;
if (bodyLength > MAX_BLOG_POST_BODY_LENGTH)
throw new IllegalArgumentException();
// Serialise the data to be signed
@@ -62,6 +65,13 @@ class BlogPostFactoryImpl implements BlogPostFactory {
@Nullable String comment, MessageId pOriginalId, MessageId parentId)
throws FormatException, GeneralSecurityException {
if (comment != null) {
int commentLength = StringUtils.toUtf8(comment).length;
if (commentLength == 0) throw new IllegalArgumentException();
if (commentLength > MAX_BLOG_COMMENT_LENGTH)
throw new IllegalArgumentException();
}
long timestamp = clock.currentTimeMillis();
// Generate the signature

5
briar-core/src/org/briarproject/blogs/BlogPostValidator.java
View File

@@ -40,6 +40,7 @@ import static org.briarproject.api.blogs.BlogConstants.KEY_READ;
import static org.briarproject.api.blogs.BlogConstants.KEY_TIMESTAMP;
import static org.briarproject.api.blogs.BlogConstants.KEY_TIME_RECEIVED;
import static org.briarproject.api.blogs.BlogConstants.KEY_TYPE;
import static org.briarproject.api.blogs.BlogConstants.MAX_BLOG_COMMENT_LENGTH;
import static org.briarproject.api.blogs.BlogConstants.MAX_BLOG_POST_BODY_LENGTH;
import static org.briarproject.api.blogs.MessageType.COMMENT;
import static org.briarproject.api.blogs.MessageType.POST;
@@ -125,7 +126,7 @@ class BlogPostValidator extends BdfMessageValidator {
// Comment
String comment = body.getOptionalString(0);
checkLength(comment, 1, MAX_BLOG_POST_BODY_LENGTH);
checkLength(comment, 1, MAX_BLOG_COMMENT_LENGTH);
// parent_original_id
// The ID of a post or comment in this group or another group
@@ -216,7 +217,7 @@ class BlogPostValidator extends BdfMessageValidator {
// Body of Wrapped Comment
String comment = body.getOptionalString(2);
checkLength(comment, 1, MAX_BLOG_POST_BODY_LENGTH);
checkLength(comment, 1, MAX_BLOG_COMMENT_LENGTH);
// c_parent_original_id
// Taken from the original comment