fix(types,blahd): reject timestamps > i64::MAX

2025-06-30 19:45:34 +00:00 · 2024-09-24 20:36:27 -04:00 · 2024-09-24 20:36:27 -04:00 · a38b59da84
commit a38b59da84
parent c4fbf1294b
5 changed files with 27 additions and 12 deletions
--- a/blahd/src/database.rs
+++ b/blahd/src/database.rs
@ -432,8 +432,7 @@ pub trait TransactionOps {
            stmt.execute(named_params! {
                ":uid": uid,
                ":act_key": kdesc.signee.payload.act_key,
-                // FIXME: Other `u64` that will be stored in database should also be range checked.
-                ":expire_time": kdesc.signee.payload.expire_time.min(i64::MAX as _),
+                ":expire_time": i64::try_from(kdesc.signee.payload.expire_time).expect("verified timestamp"),
            })?;
        }

@ -537,7 +536,7 @@ pub trait TransactionOps {
    fn add_room_chat_msg(&self, rid: Id, uid: i64, cid: Id, chat: &SignedChatMsg) -> Result<()> {
        let conn = self.conn();
        let act_key = &chat.signee.user.act_key;
-        let timestamp = chat.signee.timestamp;
+        let timestamp = i64::try_from(chat.signee.timestamp).expect("verified timestamp");
        let nonce = chat.signee.nonce;
        let rich_text = &chat.signee.payload.rich_text;
        let sig = &chat.sig;
--- a/blahd/src/lib.rs
+++ b/blahd/src/lib.rs
@ -1,6 +1,6 @@
 use std::num::NonZero;
 use std::sync::Arc;
-use std::time::{Duration, SystemTime};
+use std::time::Duration;

 use anyhow::Result;
 use axum::extract::{ws, OriginalUri};
@ -11,8 +11,8 @@ use axum::routing::{get, post};
 use axum::{Json, Router};
 use axum_extra::extract::WithRejection as R;
 use blah_types::{
-    ChatPayload, CreateGroup, CreatePeerChat, CreateRoomPayload, DeleteRoomPayload, Id,
-    MemberPermission, RoomAdminOp, RoomAdminPayload, RoomAttrs, RoomMetadata, ServerPermission,
+    get_timestamp, ChatPayload, CreateGroup, CreatePeerChat, CreateRoomPayload, DeleteRoomPayload,
+    Id, MemberPermission, RoomAdminOp, RoomAdminPayload, RoomAttrs, RoomMetadata, ServerPermission,
    Signed, SignedChatMsg, UserKey, UserRegisterPayload, WithMsgId, X_BLAH_DIFFICULTY,
    X_BLAH_NONCE,
 };
@ -103,11 +103,7 @@ impl AppState {

    fn verify_signed_data<T: Serialize>(&self, data: &Signed<T>) -> Result<(), ApiError> {
        api_ensure!(data.verify().is_ok(), "signature verification failed");
-        let timestamp_diff = SystemTime::now()
-            .duration_since(SystemTime::UNIX_EPOCH)
-            .expect("after UNIX epoch")
-            .as_secs()
-            .abs_diff(data.signee.timestamp);
+        let timestamp_diff = get_timestamp().abs_diff(data.signee.timestamp);
        api_ensure!(
            timestamp_diff <= self.config.timestamp_tolerance_secs,
            "invalid timestamp",