Bug 34048 - Interprets google:jingleinfo (and other, less important) stanzas from senders other than the server.
Status: RESOLVED FIXED
Alias: None
Product: Telepathy
Classification: Unclassified
Component: gabble
Version: unspecified
Hardware: Other All
Importance: medium normal
Assignee: Will Thompson
QA Contact: Will Thompson
Reported: 2011-02-08 11:09 UTC by Will Thompson
Modified: 2011-02-16 09:09 UTC

Attachments
Fix for the jingleinfo issue, applicable to 0.10 and 0.11 (2.13 KB, patch)
2011-02-08 11:20 UTC, Will Thompson
Fix for the jingleinfo issue, applicable to 0.8 (2.19 KB, patch)
2011-02-08 11:20 UTC, Will Thompson
Fix, applicable to 0.7.6 (and other early 0.7.x revisions) (2.28 KB, patch)
2011-02-15 03:34 UTC, Will Thompson

Description Will Thompson 2011-02-08 11:09:34 UTC

    
Comment 1 Will Thompson 2011-02-08 11:19:08 UTC
In a number of places, Gabble does not perform adequate checking on the sender of a stanza before processing it:

• In conn-mail-notif.c, a contact can cause Gabble to poll the server for new mail. This is harmless: contacts can waste your bandwidth in other ways.
• In conn-presence.c, a contact can fake a Google Shared Status update, causing our local perception of our status (but not our *actual* status) to be incorrect. This is annoying, but is not crucially important, and this code is not present on any stable branch.
• Also in conn-presence.c, a contact can cause Gabble to poll the server for the contents of the privacy list named "invisible"; it cannot cause Gabble to change its status or to modify the privacy list or our current visibility, so this is simply a(nother) way to waste bandwidth.
• In jingle-factory.c, a malicious contact can trick Gabble into relaying media through a server of their choosing. This allows any contact to intercept your audio and video calls (as opposed to only attackers who can passively intercept your network traffic, which is the normal state of affairs for unencrypted calls).
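
The sender check that the comment above says is missing, as an added example that is not Gabble's code or any of the attached patches. It accepts a stanza only when `from` is absent, is our own bare JID, or is our server's domain; the function name `sender_is_own_server` and all JIDs are hypothetical, and ASCII case folding stands in for full XMPP JID normalization.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* ASCII case-insensitive match of the whole string s against span[0..len). */
static bool span_equals(const char *s, const char *span, size_t len)
{
    if (len == 0 || strlen(s) != len)
        return false;
    for (size_t i = 0; i < len; i++)
        if (tolower((unsigned char)s[i]) != tolower((unsigned char)span[i]))
            return false;
    return true;
}

/* Hypothetical helper: true only if the stanza came from our own server,
 * either speaking for itself or on behalf of our account. A contact's JID,
 * or another resource of any account, is rejected. */
bool sender_is_own_server(const char *from, const char *own_jid)
{
    const char *slash = strchr(own_jid, '/');
    size_t bare_len = slash ? (size_t)(slash - own_jid) : strlen(own_jid);
    const char *at = memchr(own_jid, '@', bare_len);
    const char *domain = at ? at + 1 : own_jid;
    size_t domain_len = bare_len - (size_t)(domain - own_jid);

    if (from == NULL)   /* no 'from': server acting for our account */
        return true;
    return span_equals(from, own_jid, bare_len)     /* our own bare JID */
        || span_equals(from, domain, domain_len);   /* the server itself */
}

int main(void)
{
    /* Constructed JIDs for illustration only. */
    const char *own = "juliet@example.com/gabble";
    const char *senders[] = { NULL, "juliet@example.com", "example.com",
                              "romeo@example.net/laptop",
                              "juliet@example.com/other" };

    for (size_t i = 0; i < sizeof senders / sizeof senders[0]; i++)
        printf("%-28s %s\n", senders[i] ? senders[i] : "(no from)",
               sender_is_own_server(senders[i], own) ? "process" : "ignore");
    return 0;
}
```

A handler for server-pushed data such as google:jingleinfo would call this before reading the payload and drop the stanza when it returns false.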
Comment 2 Will Thompson 2011-02-08 11:20:20 UTC
Created attachment 43124
Fix for the jingleinfo issue, applicable to 0.10 and 0.11
Comment 3 Will Thompson 2011-02-08 11:20:36 UTC
Created attachment 43125
Fix for the jingleinfo issue, applicable to 0.8
Comment 4 Sjoerd Simons 2011-02-09 02:29:35 UTC
Both patches look good to me
Comment 5 Will Thompson 2011-02-15 03:34:33 UTC
Created attachment 43369
Fix, applicable to 0.7.6 (and other early 0.7.x revisions)
Comment 6 Will Thompson 2011-02-16 08:55:53 UTC
As committed to master, and released in 0.11.7: <http://git.collabora.co.uk/?p=telepathy-gabble.git;a=commitdiff;h=158c988>
As committed to 0.10, and released in 0.10.5: <http://git.collabora.co.uk/?p=telepathy-gabble.git;a=commitdiff;h=5b9ee62>
As committed to 0.8, and released in 0.8.15: <http://git.collabora.co.uk/?p=telepathy-gabble.git;a=commitdiff;h=ed73e1f>
Comment 7 Will Thompson 2011-02-16 09:09:52 UTC
Fixed in telepathy-gabble 0.8.15, 0.10.5 and 0.11.7.