forked from MirrorHub/synapse
Reject boolean power levels (#14944)
* Better test for bad values in power levels events The previous test only checked that Synapse didn't raise an exception, but didn't check that we had correctly interpreted the value of the dodgy power level. It also conflated two things: bad room notification levels, and bad user levels. There _is_ logic for converting the latter to integers, but we should test it separately. * Check we ignore types that don't convert to int * Handle `None` values in `notifications.room` * Changelog * Also test that bad values are rejected by event auth * Docstring * linter scripttttttttt * Test boolean values in PL content * Reject boolean power levels * Changelog
This commit is contained in:
parent
796a4b7482
commit
a134e626e4
4 changed files with 7 additions and 6 deletions
1
changelog.d/14944.bugfix
Normal file
1
changelog.d/14944.bugfix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Fix a bug introduced in Synapse v1.64 where boolean power levels were erroneously permitted in [v10 rooms](https://spec.matrix.org/v1.5/rooms/v10/).
|
|
@ -875,11 +875,11 @@ def _check_power_levels(
|
||||||
"kick",
|
"kick",
|
||||||
"invite",
|
"invite",
|
||||||
}:
|
}:
|
||||||
if not isinstance(v, int):
|
if type(v) is not int:
|
||||||
raise SynapseError(400, f"{v!r} must be an integer.")
|
raise SynapseError(400, f"{v!r} must be an integer.")
|
||||||
if k in {"events", "notifications", "users"}:
|
if k in {"events", "notifications", "users"}:
|
||||||
if not isinstance(v, collections.abc.Mapping) or not all(
|
if not isinstance(v, collections.abc.Mapping) or not all(
|
||||||
isinstance(v, int) for v in v.values()
|
type(v) is int for v in v.values()
|
||||||
):
|
):
|
||||||
raise SynapseError(
|
raise SynapseError(
|
||||||
400,
|
400,
|
||||||
|
|
|
@ -648,10 +648,10 @@ def _copy_power_level_value_as_integer(
|
||||||
) -> None:
|
) -> None:
|
||||||
"""Set `power_levels[key]` to the integer represented by `old_value`.
|
"""Set `power_levels[key]` to the integer represented by `old_value`.
|
||||||
|
|
||||||
:raises TypeError: if `old_value` is not an integer, nor a base-10 string
|
:raises TypeError: if `old_value` is neither an integer nor a base-10 string
|
||||||
representation of an integer.
|
representation of an integer.
|
||||||
"""
|
"""
|
||||||
if isinstance(old_value, int):
|
if type(old_value) is int:
|
||||||
power_levels[key] = old_value
|
power_levels[key] = old_value
|
||||||
return
|
return
|
||||||
|
|
||||||
|
@ -679,7 +679,7 @@ def validate_canonicaljson(value: Any) -> None:
|
||||||
* Floats
|
* Floats
|
||||||
* NaN, Infinity, -Infinity
|
* NaN, Infinity, -Infinity
|
||||||
"""
|
"""
|
||||||
if isinstance(value, int):
|
if type(value) is int:
|
||||||
if value < CANONICALJSON_MIN_INT or CANONICALJSON_MAX_INT < value:
|
if value < CANONICALJSON_MIN_INT or CANONICALJSON_MAX_INT < value:
|
||||||
raise SynapseError(400, "JSON integer out of range", Codes.BAD_JSON)
|
raise SynapseError(400, "JSON integer out of range", Codes.BAD_JSON)
|
||||||
|
|
||||||
|
|
|
@ -280,7 +280,7 @@ def event_from_pdu_json(pdu_json: JsonDict, room_version: RoomVersion) -> EventB
|
||||||
_strip_unsigned_values(pdu_json)
|
_strip_unsigned_values(pdu_json)
|
||||||
|
|
||||||
depth = pdu_json["depth"]
|
depth = pdu_json["depth"]
|
||||||
if not isinstance(depth, int):
|
if type(depth) is not int:
|
||||||
raise SynapseError(400, "Depth %r not an intger" % (depth,), Codes.BAD_JSON)
|
raise SynapseError(400, "Depth %r not an intger" % (depth,), Codes.BAD_JSON)
|
||||||
|
|
||||||
if depth < 0:
|
if depth < 0:
|
||||||
|
|
Loading…
Reference in a new issue