don't crash on broken base64 in omemo messages. fixes #1934

Daniel Gultsch created 9 years ago

Change summary

src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlMessage.java |  6 
src/main/java/eu/siacs/conversations/parser/MessageParser.java              | 16 
2 files changed, 14 insertions(+), 8 deletions(-)

Detailed changes

src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlMessage.java 🔗

@@ -99,7 +99,7 @@ public class XmppAxolotlMessage {
 				case KEYTAG:
 					try {
 						Integer recipientId = Integer.parseInt(keyElement.getAttribute(REMOTEID));
-						byte[] key = Base64.decode(keyElement.getContent(), Base64.DEFAULT);
+						byte[] key = Base64.decode(keyElement.getContent().trim(), Base64.DEFAULT);
 						this.keys.put(recipientId, key);
 					} catch (NumberFormatException e) {
 						throw new IllegalArgumentException(e);
@@ -109,7 +109,7 @@ public class XmppAxolotlMessage {
 					if (this.iv != null) {
 						throw new IllegalArgumentException("Duplicate iv entry");
 					}
-					iv = Base64.decode(keyElement.getContent(), Base64.DEFAULT);
+					iv = Base64.decode(keyElement.getContent().trim(), Base64.DEFAULT);
 					break;
 				default:
 					Log.w(Config.LOGTAG, "Unexpected element in header: " + keyElement.toString());
@@ -118,7 +118,7 @@ public class XmppAxolotlMessage {
 		}
 		Element payloadElement = axolotlMessage.findChild(PAYLOAD);
 		if (payloadElement != null) {
-			ciphertext = Base64.decode(payloadElement.getContent(), Base64.DEFAULT);
+			ciphertext = Base64.decode(payloadElement.getContent().trim(), Base64.DEFAULT);
 		}
 	}

src/main/java/eu/siacs/conversations/parser/MessageParser.java 🔗

@@ -146,17 +146,23 @@ public class MessageParser extends AbstractParser implements OnMessagePacketRece
 	}
 
 	private Message parseAxolotlChat(Element axolotlMessage, Jid from,  Conversation conversation, int status) {
-		Message finishedMessage = null;
 		AxolotlService service = conversation.getAccount().getAxolotlService();
-		XmppAxolotlMessage xmppAxolotlMessage = XmppAxolotlMessage.fromElement(axolotlMessage, from.toBareJid());
+		XmppAxolotlMessage xmppAxolotlMessage;
+		try {
+			xmppAxolotlMessage = XmppAxolotlMessage.fromElement(axolotlMessage, from.toBareJid());
+		} catch (Exception e) {
+			Log.d(Config.LOGTAG,conversation.getAccount().getJid().toBareJid()+": invalid omemo message received "+e.getMessage());
+			return null;
+		}
 		XmppAxolotlMessage.XmppAxolotlPlaintextMessage plaintextMessage = service.processReceivingPayloadMessage(xmppAxolotlMessage);
 		if(plaintextMessage != null) {
-			finishedMessage = new Message(conversation, plaintextMessage.getPlaintext(), Message.ENCRYPTION_AXOLOTL, status);
+			Message finishedMessage = new Message(conversation, plaintextMessage.getPlaintext(), Message.ENCRYPTION_AXOLOTL, status);
 			finishedMessage.setFingerprint(plaintextMessage.getFingerprint());
 			Log.d(Config.LOGTAG, AxolotlService.getLogprefix(finishedMessage.getConversation().getAccount())+" Received Message with session fingerprint: "+plaintextMessage.getFingerprint());
+			return finishedMessage;
+		} else {
+			return null;
 		}
-
-		return finishedMessage;
 	}
 
 	private class Invite {