keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Added in a little defensive coding for config message processing

Browse Source 
Updated the config 'pendingChanges' to use the readonly version of the conf (no use blocking access)
Added code to throw and log when the config processing exceeds 50000 loops (ie. infinite loop protection)
pull/751/head
Morgan Pretty 2 years ago
parent 0f52d358d4
commit a5306f85b7
6 changed files with 29 additions and 18 deletions
Show Stats Download Patch File Download Diff File

7
SessionMessagingKit/SessionUtil/Config Handling/SessionUtil+Contacts.swift
Unescape Escape View File

@ -40,7 +40,7 @@ internal extension SessionUtil {
// The current users contact data is handled separately so exclude it if it's present (as that's // The current users contact data is handled separately so exclude it if it's present (as that's
// actually a bug) // actually a bug)
let userPublicKey: String = getUserHexEncodedPublicKey(db) let userPublicKey: String = getUserHexEncodedPublicKey(db)
let targetContactData: [String: ContactData] = extractContacts( let targetContactData: [String: ContactData] = try extractContacts(
from: conf, from: conf,
latestConfigSentTimestampMs: latestConfigSentTimestampMs latestConfigSentTimestampMs: latestConfigSentTimestampMs
).filter { $0.key != userPublicKey } ).filter { $0.key != userPublicKey }
@ -540,12 +540,15 @@ private extension SessionUtil {
static func extractContacts( static func extractContacts(
from conf: UnsafeMutablePointer<config_object>?, from conf: UnsafeMutablePointer<config_object>?,
latestConfigSentTimestampMs: Int64 latestConfigSentTimestampMs: Int64
) -> [String: ContactData] { ) throws -> [String: ContactData] {
var infiniteLoopGuard: Int = 0
var result: [String: ContactData] = [:] var result: [String: ContactData] = [:]
var contact: contacts_contact = contacts_contact() var contact: contacts_contact = contacts_contact()
let contactIterator: UnsafeMutablePointer<contacts_iterator> = contacts_iterator_new(conf) let contactIterator: UnsafeMutablePointer<contacts_iterator> = contacts_iterator_new(conf)
while !contacts_iterator_done(contactIterator, &contact) { while !contacts_iterator_done(contactIterator, &contact) {
try SessionUtil.checkLoopLimitReached(&infiniteLoopGuard, for: .contacts)
let contactId: String = String(cString: withUnsafeBytes(of: contact.session_id) { [UInt8]($0) } let contactId: String = String(cString: withUnsafeBytes(of: contact.session_id) { [UInt8]($0) }
.map { CChar($0) } .map { CChar($0) }
.nullTerminated() .nullTerminated()

12
SessionMessagingKit/SessionUtil/Config Handling/SessionUtil+ConvoInfoVolatile.swift
Unescape Escape View File

@ -23,7 +23,7 @@ internal extension SessionUtil {
guard conf != nil else { throw SessionUtilError.nilConfigObject } guard conf != nil else { throw SessionUtilError.nilConfigObject }
// Get the volatile thread info from the conf and local conversations // Get the volatile thread info from the conf and local conversations
let volatileThreadInfo: [VolatileThreadInfo] = extractConvoVolatileInfo(from: conf) let volatileThreadInfo: [VolatileThreadInfo] = try extractConvoVolatileInfo(from: conf)
let localVolatileThreadInfo: [String: VolatileThreadInfo] = VolatileThreadInfo.fetchAll(db) let localVolatileThreadInfo: [String: VolatileThreadInfo] = VolatileThreadInfo.fetchAll(db)
.reduce(into: [:]) { result, next in result[next.threadId] = next } .reduce(into: [:]) { result, next in result[next.threadId] = next }
@ -314,10 +314,7 @@ public extension SessionUtil {
openGroup: OpenGroup? openGroup: OpenGroup?
) -> Bool { ) -> Bool {
return SessionUtil return SessionUtil
.config( .config(for: .convoInfoVolatile, publicKey: userPublicKey)
for: .convoInfoVolatile,
publicKey: userPublicKey
)
.wrappedValue .wrappedValue
.map { conf in .map { conf in
switch threadVariant { switch threadVariant {
@ -512,7 +509,8 @@ public extension SessionUtil {
internal static func extractConvoVolatileInfo( internal static func extractConvoVolatileInfo(
from conf: UnsafeMutablePointer<config_object>? from conf: UnsafeMutablePointer<config_object>?
) -> [VolatileThreadInfo] { ) throws -> [VolatileThreadInfo] {
var infiniteLoopGuard: Int = 0
var result: [VolatileThreadInfo] = [] var result: [VolatileThreadInfo] = []
var oneToOne: convo_info_volatile_1to1 = convo_info_volatile_1to1() var oneToOne: convo_info_volatile_1to1 = convo_info_volatile_1to1()
var community: convo_info_volatile_community = convo_info_volatile_community() var community: convo_info_volatile_community = convo_info_volatile_community()
@ -520,6 +518,8 @@ public extension SessionUtil {
let convoIterator: OpaquePointer = convo_info_volatile_iterator_new(conf) let convoIterator: OpaquePointer = convo_info_volatile_iterator_new(conf)
while !convo_info_volatile_iterator_done(convoIterator) { while !convo_info_volatile_iterator_done(convoIterator) {
try SessionUtil.checkLoopLimitReached(&infiniteLoopGuard, for: .convoInfoVolatile)
if convo_info_volatile_it_is_1to1(convoIterator, &oneToOne) { if convo_info_volatile_it_is_1to1(convoIterator, &oneToOne) {
result.append( result.append(
VolatileThreadInfo( VolatileThreadInfo(

14
SessionMessagingKit/SessionUtil/Config Handling/SessionUtil+Shared.swift
Unescape Escape View File

@ -59,10 +59,7 @@ internal extension SessionUtil {
do { do {
needsPush = try SessionUtil needsPush = try SessionUtil
.config( .config(for: variant, publicKey: publicKey)
for: variant,
publicKey: publicKey
)
.mutate { conf in .mutate { conf in
guard conf != nil else { throw SessionUtilError.nilConfigObject } guard conf != nil else { throw SessionUtilError.nilConfigObject }
@ -332,6 +329,15 @@ internal extension SessionUtil {
// Ensure the change occurred after the last config message was handled (minus the buffer period) // Ensure the change occurred after the last config message was handled (minus the buffer period)
return (changeTimestampMs >= (configDumpTimestampMs - Int64(SessionUtil.configChangeBufferPeriod * 1000))) return (changeTimestampMs >= (configDumpTimestampMs - Int64(SessionUtil.configChangeBufferPeriod * 1000)))
} }
static func checkLoopLimitReached(_ loopCounter: inout Int, for variant: ConfigDump.Variant, maxLoopCount: Int = 50000) throws {
loopCounter += 1
guard loopCounter < maxLoopCount else {
SNLog("[libSession] Got stuck in infinite loop processing '\(variant.configMessageKind.description)' data")
throw SessionUtilError.processingLoopLimitReached
}
}
} }
// MARK: - External Outgoing Changes // MARK: - External Outgoing Changes

3
SessionMessagingKit/SessionUtil/Config Handling/SessionUtil+UserGroups.swift
Unescape Escape View File

@ -34,6 +34,7 @@ internal extension SessionUtil {
guard mergeNeedsDump else { return } guard mergeNeedsDump else { return }
guard conf != nil else { throw SessionUtilError.nilConfigObject } guard conf != nil else { throw SessionUtilError.nilConfigObject }
var infiniteLoopGuard: Int = 0
var communities: [PrioritisedData<OpenGroupUrlInfo>] = [] var communities: [PrioritisedData<OpenGroupUrlInfo>] = []
var legacyGroups: [LegacyGroupInfo] = [] var legacyGroups: [LegacyGroupInfo] = []
var community: ugroups_community_info = ugroups_community_info() var community: ugroups_community_info = ugroups_community_info()
@ -41,6 +42,8 @@ internal extension SessionUtil {
let groupsIterator: OpaquePointer = user_groups_iterator_new(conf) let groupsIterator: OpaquePointer = user_groups_iterator_new(conf)
while !user_groups_iterator_done(groupsIterator) { while !user_groups_iterator_done(groupsIterator) {
try SessionUtil.checkLoopLimitReached(&infiniteLoopGuard, for: .userGroups)
if user_groups_it_is_community(groupsIterator, &community) { if user_groups_it_is_community(groupsIterator, &community) {
let server: String = String(libSessionVal: community.base_url) let server: String = String(libSessionVal: community.base_url)
let roomToken: String = String(libSessionVal: community.room) let roomToken: String = String(libSessionVal: community.room)

10
SessionMessagingKit/SessionUtil/SessionUtil.swift
Unescape Escape View File

@ -314,9 +314,10 @@ public enum SessionUtil {
.compactMap { variant -> OutgoingConfResult? in .compactMap { variant -> OutgoingConfResult? in
try SessionUtil try SessionUtil
.config(for: variant, publicKey: publicKey) .config(for: variant, publicKey: publicKey)
.mutate { conf in .wrappedValue
.map { conf in
// Check if the config needs to be pushed // Check if the config needs to be pushed
guard conf != nil && config_needs_push(conf) else { return nil } guard config_needs_push(conf) else { return nil }
var cPushData: UnsafeMutablePointer<config_push_data>! var cPushData: UnsafeMutablePointer<config_push_data>!
let configCountInfo: String = { let configCountInfo: String = {
@ -375,10 +376,7 @@ public enum SessionUtil {
publicKey: String publicKey: String
) -> ConfigDump? { ) -> ConfigDump? {
return SessionUtil return SessionUtil
.config( .config(for: message.kind.configDumpVariant, publicKey: publicKey)
for: message.kind.configDumpVariant,
publicKey: publicKey
)
.mutate { conf in .mutate { conf in
guard conf != nil else { return nil } guard conf != nil else { return nil }

1
SessionMessagingKit/SessionUtil/SessionUtilError.swift
Unescape Escape View File

@ -7,4 +7,5 @@ public enum SessionUtilError: Error {
case nilConfigObject case nilConfigObject
case userDoesNotExist case userDoesNotExist
case getOrConstructFailedUnexpectedly case getOrConstructFailedUnexpectedly
case processingLoopLimitReached
} }

Write Preview
Loading…
Cancel
Save