Fix error in is_mine_id when encountering a malformed ID (#13746)

Previously, `is_mine_id` would raise an exception when passed an ID with
no colons. Return `False` instead.

Fixes #13040.

Signed-off-by: Sean Quah <seanq@matrix.org>
This commit is contained in:
Sean Quah 2022-09-08 15:54:36 +01:00 committed by GitHub
parent cf11919ddd
commit 8ef0c8ff14
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 37 additions and 2 deletions

1
changelog.d/13746.bugfix Normal file
View file

@ -0,0 +1 @@
Fix a long standing bug where Synapse would fail to handle malformed user IDs or room aliases gracefully in certain cases.

View file

@ -341,7 +341,17 @@ class HomeServer(metaclass=abc.ABCMeta):
return domain_specific_string.domain == self.hostname return domain_specific_string.domain == self.hostname
def is_mine_id(self, string: str) -> bool: def is_mine_id(self, string: str) -> bool:
return string.split(":", 1)[1] == self.hostname """Determines whether a user ID or room alias originates from this homeserver.
Returns:
`True` if the hostname part of the user ID or room alias matches this
homeserver.
`False` otherwise, or if the user ID or room alias is malformed.
"""
localpart_hostname = string.split(":", 1)
if len(localpart_hostname) < 2:
return False
return localpart_hostname[1] == self.hostname
@cache_in_self @cache_in_self
def get_clock(self) -> Clock: def get_clock(self) -> Clock:

View file

@ -13,11 +13,35 @@
# limitations under the License. # limitations under the License.
from synapse.api.errors import SynapseError from synapse.api.errors import SynapseError
from synapse.types import RoomAlias, UserID, map_username_to_mxid_localpart from synapse.types import (
RoomAlias,
UserID,
get_domain_from_id,
get_localpart_from_id,
map_username_to_mxid_localpart,
)
from tests import unittest from tests import unittest
class IsMineIDTests(unittest.HomeserverTestCase):
def test_is_mine_id(self) -> None:
self.assertTrue(self.hs.is_mine_id("@user:test"))
self.assertTrue(self.hs.is_mine_id("#room:test"))
self.assertTrue(self.hs.is_mine_id("invalid:test"))
self.assertFalse(self.hs.is_mine_id("@user:test\0"))
self.assertFalse(self.hs.is_mine_id("@user"))
def test_two_colons(self) -> None:
"""Test handling of IDs containing more than one colon."""
# The domain starts after the first colon.
# These functions must interpret things consistently.
self.assertFalse(self.hs.is_mine_id("@user:test:test"))
self.assertEqual("user", get_localpart_from_id("@user:test:test"))
self.assertEqual("test:test", get_domain_from_id("@user:test:test"))
class UserIDTestCase(unittest.HomeserverTestCase): class UserIDTestCase(unittest.HomeserverTestCase):
def test_parse(self): def test_parse(self):
user = UserID.from_string("@1234abcd:test") user = UserID.from_string("@1234abcd:test")