diff --git a/briar-api/src/main/java/org/briarproject/briar/api/attachment/AttachmentReader.java b/briar-api/src/main/java/org/briarproject/briar/api/attachment/AttachmentReader.java index 1d7a7ed4f..378c513c4 100644 --- a/briar-api/src/main/java/org/briarproject/briar/api/attachment/AttachmentReader.java +++ b/briar-api/src/main/java/org/briarproject/briar/api/attachment/AttachmentReader.java @@ -1,15 +1,19 @@ package org.briarproject.briar.api.attachment; import org.briarproject.bramble.api.db.DbException; +import org.briarproject.bramble.api.db.NoSuchMessageException; public interface AttachmentReader { /** * Returns the attachment with the given attachment header. * - * @throws InvalidAttachmentException If the header refers to a message + * @throws NoSuchMessageException If the header refers to a message in + * a different group from the one specified in the header, to a message * that is not an attachment, or to an attachment that does not have the - * expected content type + * expected content type. This is meant to prevent social engineering + * attacks that use invalid attachment IDs to test whether messages exist + * in the victim's database */ Attachment getAttachment(AttachmentHeader h) throws DbException; diff --git a/briar-api/src/main/java/org/briarproject/briar/api/attachment/InvalidAttachmentException.java b/briar-api/src/main/java/org/briarproject/briar/api/attachment/InvalidAttachmentException.java deleted file mode 100644 index ac8daac7e..000000000 --- a/briar-api/src/main/java/org/briarproject/briar/api/attachment/InvalidAttachmentException.java +++ /dev/null @@ -1,21 +0,0 @@ -package org.briarproject.briar.api.attachment; - -import org.briarproject.bramble.api.db.DbException; -import org.briarproject.bramble.api.nullsafety.NotNullByDefault; - -/** - * An exception that is thrown when an {@link AttachmentHeader} is used to - * load an {@link Attachment}, and the header refers to a message that is not - * an attachment, or to an attachment that does not have the expected content - * type. - */ -@NotNullByDefault -public class InvalidAttachmentException extends DbException { - public InvalidAttachmentException() { - super(); - } - - public InvalidAttachmentException(Throwable t) { - super(t); - } -} diff --git a/briar-core/src/main/java/org/briarproject/briar/attachment/AttachmentReaderImpl.java b/briar-core/src/main/java/org/briarproject/briar/attachment/AttachmentReaderImpl.java index 1806bdba3..e61918cfe 100644 --- a/briar-core/src/main/java/org/briarproject/briar/attachment/AttachmentReaderImpl.java +++ b/briar-core/src/main/java/org/briarproject/briar/attachment/AttachmentReaderImpl.java @@ -10,7 +10,6 @@ import org.briarproject.bramble.api.sync.MessageId; import org.briarproject.briar.api.attachment.Attachment; import org.briarproject.briar.api.attachment.AttachmentHeader; import org.briarproject.briar.api.attachment.AttachmentReader; -import org.briarproject.briar.api.attachment.InvalidAttachmentException; import java.io.ByteArrayInputStream; import java.io.InputStream; @@ -44,13 +43,13 @@ public class AttachmentReaderImpl implements AttachmentReader { BdfDictionary meta = clientHelper.getMessageMetadataAsDictionary(m); String contentType = meta.getString(MSG_KEY_CONTENT_TYPE); if (!contentType.equals(h.getContentType())) - throw new InvalidAttachmentException(); + throw new NoSuchMessageException(); int offset = meta.getLong(MSG_KEY_DESCRIPTOR_LENGTH).intValue(); InputStream stream = new ByteArrayInputStream(body, offset, body.length - offset); return new Attachment(h, stream); } catch (FormatException e) { - throw new InvalidAttachmentException(e); + throw new NoSuchMessageException(); } } diff --git a/briar-core/src/test/java/org/briarproject/briar/attachment/AttachmentReaderImplTest.java b/briar-core/src/test/java/org/briarproject/briar/attachment/AttachmentReaderImplTest.java index 191732c1e..9d21221a0 100644 --- a/briar-core/src/test/java/org/briarproject/briar/attachment/AttachmentReaderImplTest.java +++ b/briar-core/src/test/java/org/briarproject/briar/attachment/AttachmentReaderImplTest.java @@ -9,7 +9,6 @@ import org.briarproject.bramble.api.sync.Message; import org.briarproject.bramble.test.BrambleMockTestCase; import org.briarproject.briar.api.attachment.Attachment; import org.briarproject.briar.api.attachment.AttachmentHeader; -import org.briarproject.briar.api.attachment.InvalidAttachmentException; import org.jmock.Expectations; import org.junit.Test; @@ -51,14 +50,14 @@ public class AttachmentReaderImplTest extends BrambleMockTestCase { attachmentReader.getAttachment(wrongGroup); } - @Test(expected = InvalidAttachmentException.class) + @Test(expected = NoSuchMessageException.class) public void testMissingContentType() throws Exception { BdfDictionary meta = new BdfDictionary(); testInvalidMetadata(meta); } - @Test(expected = InvalidAttachmentException.class) + @Test(expected = NoSuchMessageException.class) public void testWrongContentType() throws Exception { BdfDictionary meta = BdfDictionary.of( new BdfEntry(MSG_KEY_CONTENT_TYPE, "image/png")); @@ -66,7 +65,7 @@ public class AttachmentReaderImplTest extends BrambleMockTestCase { testInvalidMetadata(meta); } - @Test(expected = InvalidAttachmentException.class) + @Test(expected = NoSuchMessageException.class) public void testMissingDescriptorLength() throws Exception { BdfDictionary meta = BdfDictionary.of( new BdfEntry(MSG_KEY_CONTENT_TYPE, contentType));