From bd4fa8c75722c8b0fc9bc938e2e0956775e04cd4 Mon Sep 17 00:00:00 2001
From: Pete Walters
Date: Mon, 18 Nov 2024 16:19:35 -0600
Subject: [PATCH] Drop message bodies longer than 2048 bytes
---
 SignalServiceKit/Messages/MessageReceiver.swift | 5 +++++
 SignalUI/Views/BodyRanges/BodyRangesTextView.swift | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/SignalServiceKit/Messages/MessageReceiver.swift b/SignalServiceKit/Messages/MessageReceiver.swift
index 0902532a274..b1a1413ed53 100644
--- a/SignalServiceKit/Messages/MessageReceiver.swift
+++ b/SignalServiceKit/Messages/MessageReceiver.swift
@@ -959,6 +959,11 @@ public final class MessageReceiver {
 return nil
 }

+ guard dataMessage.body?.utf8.count ?? 0 <= kOversizeTextMessageSizeThreshold else {
+ Logger.error("Dropping message with too large body: \(dataMessage.body?.utf8.count ?? 0)")
+ return nil
+ }
+
 let body = dataMessage.body
 let bodyRanges = dataMessage.bodyRanges.isEmpty ? nil : MessageBodyRanges(protos: dataMessage.bodyRanges)
 let serverGuid = envelope.envelope.serverGuid.flatMap { UUID(uuidString: $0) }
diff --git a/SignalUI/Views/BodyRanges/BodyRangesTextView.swift b/SignalUI/Views/BodyRanges/BodyRangesTextView.swift
index 6d2d23ad811..5056cdf8292 100644
--- a/SignalUI/Views/BodyRanges/BodyRangesTextView.swift
+++ b/SignalUI/Views/BodyRanges/BodyRangesTextView.swift
@@ -840,7 +840,7 @@ extension BodyRangesTextView {
 editableBody.endEditing()
 } else if let string = UIPasteboard.general.strings?.first {
 editableBody.beginEditing()
- editableBody.replaceCharacters(in: selectedRange, with: string, selectedRange: selectedRange)
+ editableBody.replaceCharacters(in: selectedRange, with: StringSanitizer.sanitize(string), selectedRange: selectedRange)
 editableBody.endEditing()
 // Put the selection at the end of the new range.
 self.selectedRange = NSRange(location: selectedRange.location + (string as NSString).length, length: 0)
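Review bot: The new guard in MessageReceiver.swift bounds only `dataMessage.body`, at one point in a function whose start and end are outside the hunk, so it is worth confirming that any other path that stores received text applies the same limit; none of those paths is visible here. The guard also evaluates `dataMessage.body?.utf8.count ?? 0` twice, once for the comparison and once for the log line. Binding it once, `let bodyByteCount = dataMessage.body?.utf8.count ?? 0`, keeps the two in agreement and names the unit as UTF-8 bytes rather than characters. The subject line says 2048 bytes while the code relies on `kOversizeTextMessageSizeThreshold`, whose value is not shown, so a one-line comment above the guard stating the limit and why an oversize body is dropped rather than truncated would help the next reader.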
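Review bot: The selection update on the last line of the BodyRangesTextView.swift hunk still uses `(string as NSString).length`, the length of the raw pasteboard text, while the text actually inserted is now `StringSanitizer.sanitize(string)`. If the sanitizer can change the string's length (its implementation is not shown here), the caret is placed at the wrong offset and may point past the end of the inserted text. Bind the result once, `let sanitized = StringSanitizer.sanitize(string)`, then pass `sanitized` to `replaceCharacters` and compute the new location from `(sanitized as NSString).length`. The preceding branch of this `if` begins outside the hunk, so whether that paste path is sanitized as well cannot be checked from here.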