Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2024-10-01 02:35:48 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

moved security check of chat message after the possible multi-part reconstruction, to avoid that the attacker splits the faulting chain among multiple parts

Browse Source 
git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@6569 b45a01b8-16f6-495d-af2f-9b41ad6348cc
This commit is contained in:
csoler 2013-08-08 20:12:04 +00:00
parent 1994dfa31a
commit aeb430cabb
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
libretroshare/src/services/p3chatservice.cc
View File

@ -1091,8 +1091,6 @@ bool p3ChatService::checkForMessageSecurity(RsChatMsgItem *ci)
bool p3ChatService::handleRecvChatMsgItem(RsChatMsgItem *ci) bool p3ChatService::handleRecvChatMsgItem(RsChatMsgItem *ci)
{ {
bool message_is_secure = checkForMessageSecurity(ci) ;
bool publicChanged = false; bool publicChanged = false;
bool privateChanged = false; bool privateChanged = false;
@ -1112,6 +1110,7 @@ bool p3ChatService::handleRecvChatMsgItem(RsChatMsgItem *ci)
if(!locked_checkAndRebuildPartialMessage(cli)) if(!locked_checkAndRebuildPartialMessage(cli))
return true ; return true ;
} }
bool message_is_secure = checkForMessageSecurity(cli) ;
if(now+100 > (time_t) cli->sendTime + MAX_KEEP_MSG_RECORD) // the message is older than the max cache keep plus 100 seconds ! It's too old, and is going to make an echo! if(now+100 > (time_t) cli->sendTime + MAX_KEEP_MSG_RECORD) // the message is older than the max cache keep plus 100 seconds ! It's too old, and is going to make an echo!
{ {
@ -1146,6 +1145,8 @@ bool p3ChatService::handleRecvChatMsgItem(RsChatMsgItem *ci)
RsStackMutex stack(mChatMtx); /********** STACK LOCKED MTX ******/ RsStackMutex stack(mChatMtx); /********** STACK LOCKED MTX ******/
if(!locked_checkAndRebuildPartialMessage_deprecated(ci)) // Don't delete ! This function is not handled propoerly for chat lobby msgs, so if(!locked_checkAndRebuildPartialMessage_deprecated(ci)) // Don't delete ! This function is not handled propoerly for chat lobby msgs, so
return true ; // we don't use it in this case. return true ; // we don't use it in this case.
checkForMessageSecurity(ci) ;
} }
#ifdef CHAT_DEBUG #ifdef CHAT_DEBUG