reject invalid UTF-8 (#1472)
* reject invalid UTF-8 Signed-off-by: Jonas Fentker <jonas@fentker.eu> * update sytest-whitelist Signed-off-by: Jonas Fentker <jonas@fentker.eu> Co-authored-by: Kegsay <kegan@matrix.org>main
parent
f3e8ae01ef
commit
c4c8bfd027
|
@ -16,7 +16,9 @@ package httputil
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"unicode/utf8"
|
||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
||||||
"github.com/matrix-org/util"
|
"github.com/matrix-org/util"
|
||||||
|
@ -25,7 +27,23 @@ import (
|
||||||
// UnmarshalJSONRequest into the given interface pointer. Returns an error JSON response if
|
// UnmarshalJSONRequest into the given interface pointer. Returns an error JSON response if
|
||||||
// there was a problem unmarshalling. Calling this function consumes the request body.
|
// there was a problem unmarshalling. Calling this function consumes the request body.
|
||||||
func UnmarshalJSONRequest(req *http.Request, iface interface{}) *util.JSONResponse {
|
func UnmarshalJSONRequest(req *http.Request, iface interface{}) *util.JSONResponse {
|
||||||
if err := json.NewDecoder(req.Body).Decode(iface); err != nil {
|
// encoding/json allows invalid utf-8, matrix does not
|
||||||
|
// https://matrix.org/docs/spec/client_server/r0.6.1#api-standards
|
||||||
|
body, err := ioutil.ReadAll(req.Body)
|
||||||
|
if err != nil {
|
||||||
|
util.GetLogger(req.Context()).WithError(err).Error("ioutil.ReadAll failed")
|
||||||
|
resp := jsonerror.InternalServerError()
|
||||||
|
return &resp
|
||||||
|
}
|
||||||
|
|
||||||
|
if !utf8.Valid(body) {
|
||||||
|
return &util.JSONResponse{
|
||||||
|
Code: http.StatusBadRequest,
|
||||||
|
JSON: jsonerror.NotJSON("Body contains invalid UTF-8"),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := json.Unmarshal(body, iface); err != nil {
|
||||||
// TODO: We may want to suppress the Error() return in production? It's useful when
|
// TODO: We may want to suppress the Error() return in production? It's useful when
|
||||||
// debugging because an error will be produced for both invalid/malformed JSON AND
|
// debugging because an error will be produced for both invalid/malformed JSON AND
|
||||||
// valid JSON with incorrect types for values.
|
// valid JSON with incorrect types for values.
|
||||||
|
|
|
@ -15,11 +15,11 @@
|
||||||
package routing
|
package routing
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth"
|
"github.com/matrix-org/dendrite/clientapi/auth"
|
||||||
|
"github.com/matrix-org/dendrite/clientapi/httputil"
|
||||||
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
||||||
"github.com/matrix-org/dendrite/userapi/api"
|
"github.com/matrix-org/dendrite/userapi/api"
|
||||||
userapi "github.com/matrix-org/dendrite/userapi/api"
|
userapi "github.com/matrix-org/dendrite/userapi/api"
|
||||||
|
@ -121,9 +121,8 @@ func UpdateDeviceByID(
|
||||||
|
|
||||||
payload := deviceUpdateJSON{}
|
payload := deviceUpdateJSON{}
|
||||||
|
|
||||||
if err := json.NewDecoder(req.Body).Decode(&payload); err != nil {
|
if resErr := httputil.UnmarshalJSONRequest(req, &payload); resErr != nil {
|
||||||
util.GetLogger(req.Context()).WithError(err).Error("json.NewDecoder.Decode failed")
|
return *resErr
|
||||||
return jsonerror.InternalServerError()
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var performRes api.PerformDeviceUpdateResponse
|
var performRes api.PerformDeviceUpdateResponse
|
||||||
|
@ -211,9 +210,8 @@ func DeleteDevices(
|
||||||
ctx := req.Context()
|
ctx := req.Context()
|
||||||
payload := devicesDeleteJSON{}
|
payload := devicesDeleteJSON{}
|
||||||
|
|
||||||
if err := json.NewDecoder(req.Body).Decode(&payload); err != nil {
|
if resErr := httputil.UnmarshalJSONRequest(req, &payload); resErr != nil {
|
||||||
util.GetLogger(ctx).WithError(err).Error("json.NewDecoder.Decode failed")
|
return *resErr
|
||||||
return jsonerror.InternalServerError()
|
|
||||||
}
|
}
|
||||||
|
|
||||||
defer req.Body.Close() // nolint: errcheck
|
defer req.Body.Close() // nolint: errcheck
|
||||||
|
|
|
@ -23,6 +23,7 @@ import (
|
||||||
appserviceAPI "github.com/matrix-org/dendrite/appservice/api"
|
appserviceAPI "github.com/matrix-org/dendrite/appservice/api"
|
||||||
"github.com/matrix-org/dendrite/clientapi/api"
|
"github.com/matrix-org/dendrite/clientapi/api"
|
||||||
"github.com/matrix-org/dendrite/clientapi/auth"
|
"github.com/matrix-org/dendrite/clientapi/auth"
|
||||||
|
clientutil "github.com/matrix-org/dendrite/clientapi/httputil"
|
||||||
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
"github.com/matrix-org/dendrite/clientapi/jsonerror"
|
||||||
"github.com/matrix-org/dendrite/clientapi/producers"
|
"github.com/matrix-org/dendrite/clientapi/producers"
|
||||||
eduServerAPI "github.com/matrix-org/dendrite/eduserver/api"
|
eduServerAPI "github.com/matrix-org/dendrite/eduserver/api"
|
||||||
|
@ -659,8 +660,9 @@ func Setup(
|
||||||
SearchString string `json:"search_term"`
|
SearchString string `json:"search_term"`
|
||||||
Limit int `json:"limit"`
|
Limit int `json:"limit"`
|
||||||
}{}
|
}{}
|
||||||
if err := json.NewDecoder(req.Body).Decode(&postContent); err != nil {
|
|
||||||
return util.ErrorResponse(err)
|
if resErr := clientutil.UnmarshalJSONRequest(req, &postContent); resErr != nil {
|
||||||
|
return *resErr
|
||||||
}
|
}
|
||||||
return *SearchUserDirectory(
|
return *SearchUserDirectory(
|
||||||
req.Context(),
|
req.Context(),
|
||||||
|
|
|
@ -477,5 +477,6 @@ Inbound federation rejects invite rejections which include invalid JSON for room
|
||||||
GET /capabilities is present and well formed for registered user
|
GET /capabilities is present and well formed for registered user
|
||||||
m.room.history_visibility == "joined" allows/forbids appropriately for Guest users
|
m.room.history_visibility == "joined" allows/forbids appropriately for Guest users
|
||||||
m.room.history_visibility == "joined" allows/forbids appropriately for Real users
|
m.room.history_visibility == "joined" allows/forbids appropriately for Real users
|
||||||
|
POST rejects invalid utf-8 in JSON
|
||||||
Users cannot kick users who have already left a room
|
Users cannot kick users who have already left a room
|
||||||
A prev_batch token from incremental sync can be used in the v1 messages API
|
A prev_batch token from incremental sync can be used in the v1 messages API
|
||||||
|
|
Loading…
Reference in New Issue