[android] reject invalid mime types for image attachments

fc6275b0 · Torsten Grote · f76f9be4 · fc6275b0 · fc6275b0 · fc6275b0
Verified Commit fc6275b0 authored Feb 18, 2019 by Torsten Grote
4 changed files
--- a/briar-android/src/main/java/org/briarproject/briar/android/conversation/AttachmentController.java
+++ b/briar-android/src/main/java/org/briarproject/briar/android/conversation/AttachmentController.java
@@ -44,6 +44,7 @@ import static org.briarproject.bramble.util.IoUtils.tryToClose;
 import static org.briarproject.bramble.util.LogUtils.logDuration;
 import static org.briarproject.bramble.util.LogUtils.logException;
 import static org.briarproject.bramble.util.LogUtils.now;
+import static org.briarproject.briar.api.messaging.MessagingConstants.IMAGE_MIME_TYPES;

 @NotNullByDefault
 class AttachmentController {
@@ -146,6 +147,14 @@ class AttachmentController {
 		unsentItems.put(uri, item);
 	}

+	boolean isValidMimeType(@Nullable String mimeType) {
+		if (mimeType == null) return false;
+		for (String supportedType : IMAGE_MIME_TYPES) {
+			if (supportedType.equals(mimeType)) return true;
+		}
+		return false;
+	}
+
 	@DatabaseExecutor
 	void deleteUnsentAttachments() {
 		for (AttachmentItem item : unsentItems.values()) {

--- a/briar-android/src/main/java/org/briarproject/briar/android/conversation/ConversationViewModel.java
+++ b/briar-android/src/main/java/org/briarproject/briar/android/conversation/ConversationViewModel.java
@@ -74,7 +74,6 @@ public class ConversationViewModel extends AndroidViewModel implements
 	@CryptoExecutor
 	private final Executor cryptoExecutor;
 	private final TransactionManager db;
-	private final AndroidExecutor androidExecutor;
 	private final MessagingManager messagingManager;
 	private final ContactManager contactManager;
 	private final SettingsManager settingsManager;
@@ -107,13 +106,12 @@ public class ConversationViewModel extends AndroidViewModel implements
 	ConversationViewModel(Application application,
 			@DatabaseExecutor Executor dbExecutor,
 			@CryptoExecutor Executor cryptoExecutor, TransactionManager db,
-			AndroidExecutor androidExecutor, MessagingManager messagingManager,
-			ContactManager contactManager, SettingsManager settingsManager,
+			MessagingManager messagingManager, ContactManager contactManager,
+			SettingsManager settingsManager,
 			PrivateMessageFactory privateMessageFactory) {
 		super(application);
 		this.dbExecutor = dbExecutor;
 		this.cryptoExecutor = cryptoExecutor;
-		this.androidExecutor = androidExecutor;
 		this.db = db;
 		this.messagingManager = messagingManager;
 		this.contactManager = contactManager;
@@ -197,16 +195,24 @@ public class ConversationViewModel extends AndroidViewModel implements
 	@Override
 	public LiveData<AttachmentResult> storeAttachment(Uri uri,
 			boolean needsSize) {
-		if (messagingGroupId.getValue() == null) loadGroupId();
 		// use LiveData to not keep references to view scope
 		MutableLiveData<AttachmentResult> result = new MutableLiveData<>();
+		// check first if mime type is supported
+		ContentResolver contentResolver =
+				getApplication().getContentResolver();
+		String mimeType = contentResolver.getType(uri);
+		if (!attachmentController.isValidMimeType(mimeType)) {
+			String errorMsg = getApplication().getString(
+					R.string.image_attach_error_invalid_mime_type, mimeType);
+			result.setValue(new AttachmentResult(errorMsg));
+			return result;
+		}
+		if (messagingGroupId.getValue() == null) loadGroupId();
 		observeForeverOnce(messagingGroupId, groupId -> dbExecutor.execute(()
 				-> {
 			if (groupId == null) throw new IllegalStateException();
 			long start = now();
 			try {
-				ContentResolver contentResolver =
-						getApplication().getContentResolver();
 				attachmentController.createAttachmentHeader(contentResolver,
 						groupId, uri, needsSize);
 				result.postValue(new AttachmentResult(uri));

--- a/briar-android/src/main/res/values/strings.xml
+++ b/briar-android/src/main/res/values/strings.xml
@@ -131,6 +131,7 @@
 	<string name="image_attach">Attach image</string>
 	<string name="image_attach_error">Could not attach image(s)</string>
 	<string name="image_attach_error_too_big">Image too big. Limit is %d MB.</string>
+	<string name="image_attach_error_invalid_mime_type">Image format unsupported: %s</string>
 	<string name="set_contact_alias">Change contact name</string>
 	<string name="set_contact_alias_hint">Contact name</string>
 	<string name="set_alias_button">Change</string>

--- a/briar-android/src/test/java/org/briarproject/briar/android/conversation/AttachmentControllerTest.java
+++ b/briar-android/src/test/java/org/briarproject/briar/android/conversation/AttachmentControllerTest.java
@@ -94,23 +94,6 @@ public class AttachmentControllerTest extends BrambleMockTestCase {
 		assertFalse(item.hasError());
 	}

-	@Test
-	public void testImageHealsWrongMimeType() {
-		AttachmentHeader h = getAttachmentHeader("image/png");
-
-		context.checking(new Expectations() {{
-			oneOf(imageHelper).decodeStream(with(any(InputStream.class)));
-			will(returnValue(new DecodeResult(160, 240, "image/jpeg")));
-			oneOf(imageHelper).getExtensionFromMimeType("image/jpeg");
-			will(returnValue("jpg"));
-		}});
-
-		AttachmentItem item = controller.getAttachmentItem(h, attachment, true);
-		assertEquals("image/jpeg", item.getMimeType());
-		assertEquals("jpg", item.getExtension());
-		assertFalse(item.hasError());
-	}
-
 	@Test
 	public void testBigJpegImage() {
 		String mimeType = "image/jpeg";