From 0af13fc746d7101bfa5af7fe68e10178d22fa7f7 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Thu, 6 Oct 2016 22:05:18 +0200 Subject: be more careful parsing integers in omemo --- .../eu/siacs/conversations/crypto/axolotl/XmppAxolotlMessage.java | 8 ++++++-- src/main/java/eu/siacs/conversations/parser/IqParser.java | 8 ++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlMessage.java b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlMessage.java index e8ec5426..0b3164f8 100644 --- a/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlMessage.java +++ b/src/main/java/eu/siacs/conversations/crypto/axolotl/XmppAxolotlMessage.java @@ -91,7 +91,11 @@ public class XmppAxolotlMessage { private XmppAxolotlMessage(final Element axolotlMessage, final Jid from) throws IllegalArgumentException { this.from = from; Element header = axolotlMessage.findChild(HEADER); - this.sourceDeviceId = Integer.parseInt(header.getAttribute(SOURCEID)); + try { + this.sourceDeviceId = Integer.parseInt(header.getAttribute(SOURCEID)); + } catch (NumberFormatException e) { + throw new IllegalArgumentException("invalid source id"); + } List keyElements = header.getChildren(); this.keys = new HashMap<>(keyElements.size()); for (Element keyElement : keyElements) { @@ -102,7 +106,7 @@ public class XmppAxolotlMessage { byte[] key = Base64.decode(keyElement.getContent().trim(), Base64.DEFAULT); this.keys.put(recipientId, key); } catch (NumberFormatException e) { - throw new IllegalArgumentException(e); + throw new IllegalArgumentException("invalid remote id"); } break; case IVTAG: diff --git a/src/main/java/eu/siacs/conversations/parser/IqParser.java b/src/main/java/eu/siacs/conversations/parser/IqParser.java index a679d00c..49b0db21 100644 --- a/src/main/java/eu/siacs/conversations/parser/IqParser.java +++ b/src/main/java/eu/siacs/conversations/parser/IqParser.java @@ -139,7 +139,11 @@ public class IqParser extends AbstractParser implements OnIqPacketReceived { if(signedPreKeyPublic == null) { return null; } - return Integer.valueOf(signedPreKeyPublic.getAttribute("signedPreKeyId")); + try { + return Integer.valueOf(signedPreKeyPublic.getAttribute("signedPreKeyId")); + } catch (NumberFormatException e) { + return null; + } } public ECPublicKey signedPreKeyPublic(final Element bundle) { @@ -255,7 +259,7 @@ public class IqParser extends AbstractParser implements OnIqPacketReceived { Integer signedPreKeyId = signedPreKeyId(bundleElement); byte[] signedPreKeySignature = signedPreKeySignature(bundleElement); IdentityKey identityKey = identityKey(bundleElement); - if(signedPreKeyPublic == null || identityKey == null) { + if(signedPreKeyId == null || signedPreKeyPublic == null || identityKey == null) { return null; } -- cgit v1.2.3