Matrix/element-android-Github
1
0
Fork 0
mirror of https://github.com/vector-im/element-android.git synced 2024-11-15 01:35:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Prevent injecting a forged encrypted message and using session_id/sender_key of another room.

Browse Source
This commit is contained in:
ariskotsomitopoulos 2022-04-28 17:15:46 +03:00 committed by Valere
parent 28a3ae264c
commit d6358dcb16
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
View File

@ -1354,6 +1354,9 @@ internal class DefaultCryptoService @Inject constructor(
senderKey = sessionInfoPair.second,
sharedHistory = true
)
}?.filter { inboundGroupSession ->
// Prevent injecting a forged encrypted message and using session_id/sender_key of another room.
inboundGroupSession.roomId == roomId
}?.forEach { inboundGroupSession ->
// Share the sharable session to userId with deviceId
val exportedKeys = inboundGroupSession.exportKeys(sharedHistory = true)