From b75c532f2d5c709cbb7ed3b1a3edc588fb840888 Mon Sep 17 00:00:00 2001
From: levlam
Date: Mon, 17 Jun 2019 16:46:20 +0300
Subject: [PATCH] Do not trust external documents from secret chats.
GitOrigin-RevId: e0341ce1e2017c6d0b8ac44e18fc9e03de65ccbe
---
 td/telegram/DocumentsManager.cpp | 20 +++++++++++++++-----
 td/telegram/Photo.cpp | 4 +++-
 td/telegram/StickersManager.cpp | 10 +++++-----
 3 files changed, 23 insertions(+), 11 deletions(-)
diff --git a/td/telegram/DocumentsManager.cpp b/td/telegram/DocumentsManager.cpp
index 5c8a898e1..08afb6f1f 100644
--- a/td/telegram/DocumentsManager.cpp
+++ b/td/telegram/DocumentsManager.cpp
@@ -215,6 +215,7 @@ Document DocumentsManager::on_get_document(RemoteDocument remote_document, Dialo
  bool is_web = false;
  bool is_web_no_proxy = false;
  string url;
+ FileLocationSource source = FileLocationSource::FromServer;
  if (remote_document.document != nullptr) {
  auto document = std::move(remote_document.document);
@@ -225,6 +226,15 @@ Document DocumentsManager::on_get_document(RemoteDocument remote_document, Dialo
  mime_type = std::move(document->mime_type_);
  file_reference = document->file_reference_.as_slice().str();
+ if (owner_dialog_id.get_type() == DialogType::SecretChat) {
+ // secret_api::decryptedMessageMediaExternalDocument
+ if (document_type != Document::Type::Sticker) {
+ LOG(ERROR) << "Receive " << document_type << " in " << owner_dialog_id;
+ return {};
+ }
+ source = FileLocationSource::FromUser;
+ }
+
  if (document_type != Document::Type::VoiceNote) {
  for (auto &thumb : document->thumbs_) {
  auto photo_size = get_photo_size(td_->file_manager_.get(), {FileType::Thumbnail, 0}, id, access_hash,
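Review bot: The rejection branch in the new secret-chat block logs at ERROR level for a condition the remote peer controls: every non-sticker external document received in a secret chat reaches `LOG(ERROR) << "Receive " << document_type << " in " << owner_dialog_id;` before `return {};`. Since the sender decides how often that fires, a lower severity such as `LOG(WARNING)`, or a rate limit, would keep peer-triggered noise out of the error log. The comment above it names only the API constructor; one sentence saying that the document fields in this case come from the peer rather than the server (if that is the reason, as the commit title suggests) would make the sticker-only rule easier to review. `on_get_document` starts and ends outside the hunk, so how callers treat the empty `Document` is not visible here.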
@@ -302,7 +312,7 @@ Document DocumentsManager::on_get_document(RemoteDocument remote_document, Dialo
  }
  }
- LOG(DEBUG) << "Receive document with id = " << id << " of type " << static_cast(document_type);
+ LOG(DEBUG) << "Receive document with id = " << id << " of type " << document_type;
  if (!is_web && !DcId::is_valid(dc_id)) {
  LOG(ERROR) << "Wrong dc_id = " << dc_id;
  return {};
@@ -321,14 +331,14 @@ Document DocumentsManager::on_get_document(RemoteDocument remote_document, Dialo
  FileId file_id;
  if (!is_web) {
  file_id = td_->file_manager_->register_remote(
- FullRemoteFileLocation(file_type, id, access_hash, DcId::internal(dc_id), std::move(file_reference)),
- FileLocationSource::FromServer, owner_dialog_id, size, 0, suggested_file_name);
+ FullRemoteFileLocation(file_type, id, access_hash, DcId::internal(dc_id), std::move(file_reference)), source,
+ owner_dialog_id, size, 0, suggested_file_name);
  if (!encryption_key.empty()) {
  td_->file_manager_->set_encryption_key(file_id, std::move(encryption_key));
  }
  } else if (!is_web_no_proxy) {
- file_id = td_->file_manager_->register_remote(FullRemoteFileLocation(file_type, url, access_hash),
- FileLocationSource::FromServer, owner_dialog_id, 0, size, file_name);
+ file_id = td_->file_manager_->register_remote(FullRemoteFileLocation(file_type, url, access_hash), source,
+ owner_dialog_id, 0, size, file_name);
  } else {
  auto r_file_id = td_->file_manager_->from_persistent_id(url, file_type);
  if (r_file_id.is_error()) {
diff --git a/td/telegram/Photo.cpp b/td/telegram/Photo.cpp
index 74fc9a5e8..3683c3ea6 100644
--- a/td/telegram/Photo.cpp
+++ b/td/telegram/Photo.cpp
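Review bot: In the `else if (!is_web_no_proxy)` call, `source` is passed, but the visible hunks only ever change it inside the `remote_document.document != nullptr` branch. Unless `is_web` is set in that same branch (not shown), a URL-based location is still registered as `FileLocationSource::FromServer` for a secret-chat owner. If the other branches can be reached with a secret-chat `owner_dialog_id`, deriving the value once before the branches, as Photo.cpp does in this commit, would cover them: `FileLocationSource source = owner_dialog_id.get_type() == DialogType::SecretChat ? FileLocationSource::FromUser : FileLocationSource::FromServer;`. If they cannot, a short comment at the declaration saying so would settle the question for the next reader. The function body continues outside both hunks.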
@@ -134,9 +134,11 @@ static FileId register_photo(FileManager *file_manager, const PhotoSizeSource &s
  << "]. Id: (" << id << ", " << access_hash << ")";
  auto suggested_name = PSTRING() << static_cast(volume_id) << "_" << static_cast(local_id) << (is_webp ? ".webp" : (is_png ? ".png" : ".jpg"));
+ auto file_location_source = owner_dialog_id.get_type() == DialogType::SecretChat ? FileLocationSource::FromUser
+ : FileLocationSource::FromServer;
  return file_manager->register_remote(
  FullRemoteFileLocation(source, id, access_hash, local_id, volume_id, dc_id, std::move(file_reference)),
- FileLocationSource::FromServer, owner_dialog_id, file_size, 0, std::move(suggested_name));
+ file_location_source, owner_dialog_id, file_size, 0, std::move(suggested_name));
  }
  ProfilePhoto get_profile_photo(FileManager *file_manager, UserId user_id, int64 user_access_hash,
diff --git a/td/telegram/StickersManager.cpp b/td/telegram/StickersManager.cpp
index d672dc2d7..3eb53ec9f 100644
--- a/td/telegram/StickersManager.cpp
+++ b/td/telegram/StickersManager.cpp
@@ -1646,7 +1646,6 @@ SecretInputMedia StickersManager::get_secret_input_media(FileId sticker_file_id,
  return {};
  }
- vector> attributes;
  tl_object_ptr input_sticker_set = make_tl_object();
  if (sticker->set_id) {
  const StickerSet *sticker_set = get_sticker_set(sticker->set_id);
@@ -1657,12 +1656,13 @@ SecretInputMedia StickersManager::get_secret_input_media(FileId sticker_file_id,
  // TODO load sticker set
  }
  }
- attributes.push_back(
- make_tl_object(sticker->alt, std::move(input_sticker_set)));
+ vector> attributes;
+ attributes.push_back(
+ secret_api::make_object(sticker->alt, std::move(input_sticker_set)));
  if (sticker->dimensions.width != 0 && sticker->dimensions.height != 0) {
- attributes.push_back(
- make_tl_object(sticker->dimensions.width, sticker->dimensions.height));
+ attributes.push_back(secret_api::make_object(sticker->dimensions.width,
+ sticker->dimensions.height));
  }
  if (file_view.is_encrypted_secret()) {
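Review bot: In `register_photo` (Photo.cpp), the new ternary lowers the trust level for every photo whose owner is a secret chat, but nothing next to it says why, and DocumentsManager.cpp expresses the same decision with a differently shaped `if`. A comment such as `// secret chat: location fields arrive in the peer's message, so mark them FromUser` (assuming that is the intent behind the commit title) would record the reasoning. A single shared helper for the dialog-type check would keep the two call sites from drifting apart. `register_photo` begins outside the hunk, so the origin of `owner_dialog_id` is not visible here.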