rei-forks/element-android
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Prevent injecting a forged encrypted message and using session_id/sender_key of another room.

Browse Source
This commit is contained in:
ariskotsomitopoulos 2022-04-28 17:15:46 +03:00 committed by Valere
parent 28a3ae264c
commit d6358dcb16
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
View File

@ -1354,6 +1354,9 @@ internal class DefaultCryptoService @Inject constructor(
senderKey = sessionInfoPair.second, senderKey = sessionInfoPair.second,
sharedHistory = true sharedHistory = true
) )
}?.filter { inboundGroupSession ->
// Prevent injecting a forged encrypted message and using session_id/sender_key of another room.
inboundGroupSession.roomId == roomId
}?.forEach { inboundGroupSession -> }?.forEach { inboundGroupSession ->
// Share the sharable session to userId with deviceId // Share the sharable session to userId with deviceId
val exportedKeys = inboundGroupSession.exportKeys(sharedHistory = true) val exportedKeys = inboundGroupSession.exportKeys(sharedHistory = true)