Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: otr4j/otr4j
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: master
Choose a base ref
...
head repository: INPStarfall/otr4j
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Can’t automatically merge. Don’t worry, you can still create the pull request.
  • 5 commits
  • 1 file changed
  • 2 contributors

Commits on Jun 20, 2016

  1. toMessage Ensure version unique collection 

    Ensure AbstractMessage toMessage is a unique collection of versions as
per the OTRv3 specification by using a LinkedHashSet as the initial
container, copied to a concrete List for QueryMessage passing.
    @awilliamson
    awilliamson committed Jun 20, 2016
    Copy the full SHA
    166af8e View commit details

  2. Added blank ?OTR check in toMessage. 

    Messages such as '?OTR' would yield an OutOfBounds Exception when
attempting to determine contentType. This can be prevented by checking
if the message contains only the '?OTR' length or less and returning a
user-friendly error message.
    @awilliamson
    awilliamson committed Jun 20, 2016
    Copy the full SHA
    7ee4146 View commit details

  3. toMessage HEAD_QUERY_Q remove 'v' check. 

    HEAD_QUERY_Q check checks for '?OTR?'' only. As per the specification,
this can only be used to show OTRv1 willingness from a Client.
Therefore the 'v' check is surperfluous, as was also causing similar
CharAt Errors.
    @awilliamson
    awilliamson committed Jun 20, 2016
    Copy the full SHA
    5208ee1 View commit details

  4. ?OTRvX? Improvements 

    No trailing ? check was implemented for explicit OTR version queries.
These are invalid messages. Added a user-friendly error message if
trailing ? is missing, otherwise parse versionString as usual.
    @awilliamson
    awilliamson committed Jun 20, 2016
    Copy the full SHA
    42f1615 View commit details

  5. Merge pull request jitsi#1 from awilliamson/master 

    Fix various OTR message issues.
    @awilliamson
    awilliamson authored Jun 20, 2016
    Copy the full SHA
    e4f8d10 View commit details
Showing with 23 additions and 7 deletions.
  1. +23 −7 src/main/java/net/java/otr4j/io/SerializationUtils.java
30 changes: 23 additions & 7 deletions src/main/java/net/java/otr4j/io/SerializationUtils.java
View file
Original file line number Diff line number Diff line change
@@ -15,6 +15,7 @@
import java.nio.charset.Charset;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Vector;
import java.util.regex.Matcher;
@@ -277,6 +278,11 @@ public static AbstractMessage toMessage(String s) throws IOException {
// Message **contains** the string "?OTR". Check to see if it is an error message, a query message or a data
// message.

// Message == "?OTR" check. As this will cause OutOfBounds on s.charAt call.
if((idxHead + SerializationConstants.HEAD.length()) >= s.length()){
return new ErrorMessage(AbstractMessage.MESSAGE_ERROR, "Blank ?OTR message received.");
}

char contentType = s.charAt(idxHead + SerializationConstants.HEAD.length());
String content = s
.substring(idxHead + SerializationConstants.HEAD.length() + 1);
@@ -292,16 +298,25 @@ public static AbstractMessage toMessage(String s) throws IOException {
|| contentType == SerializationConstants.HEAD_QUERY_Q) {
// Query tag found.

List<Integer> versions = new Vector<Integer>();
// LinkedHashSet ensures that each item is unique, as required by the OTRv3 Specification.
LinkedHashSet<Integer> versions = new LinkedHashSet<Integer>();
String versionString = null;
if (SerializationConstants.HEAD_QUERY_Q == contentType) {
// ?OTR? specifies conformity to Version 1.
// Version numbers cannot follow a trailing '?' character.
// Therefore, this block can only show conformity to OTRv1, and shows
// the clients willingness to conform to this standard.
versions.add(OTRv.ONE);
if (content.charAt(0) == 'v') {
versionString = content.substring(1, content
.indexOf('?'));
}
} else if (SerializationConstants.HEAD_QUERY_V == contentType) {
versionString = content.substring(0, content.indexOf('?'));
// ?OTRvX? Format

// Check for a trailing ? character, otherwise the OTR message is invalid.
if(content.isEmpty() || content.charAt(content.length() - 1) != '?') {
return new ErrorMessage(AbstractMessage.MESSAGE_ERROR, "Invalid OTR Format!");
}
else {
versionString = content.substring(0, content.indexOf('?'));
}
}

if (versionString != null) {
@@ -312,7 +327,8 @@ public static AbstractMessage toMessage(String s) throws IOException {
versions.add(Integer.parseInt(String
.valueOf((char) c)));
}
QueryMessage query = new QueryMessage(versions);
// Create a concrete Type from the Abstract List for QueryMessage, passing in our unique collection.
QueryMessage query = new QueryMessage(new ArrayList<Integer>(versions));
return query;
} else if (idxHead == 0 && contentType == SerializationConstants.HEAD_ENCODED) {
// Data message found.