Miroirs/xwords
1
0
Fork 0
mirror of git://xwords.git.sourceforge.net/gitroot/xwords/xwords synced 2025-01-14 08:01:38 +01:00
Code Issues Projects Releases Packages Wiki Activity

for extra safety, move message hash into header where it can be part

Browse source 
of test whether message should be deleteted from sms inbox.
This commit is contained in:
Eric House 2012-04-24 07:19:52 -07:00
parent 9035f901b1
commit b68b8aa0d0
1 changed files with 21 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
xwords4/android/XWords4/src/org/eehouse/android/xw4/SMSService.java
View file

@ -141,11 +141,11 @@ public class SMSService extends Service {
public static String toPublicFmt( String msg ) public static String toPublicFmt( String msg )
{ {
String result; int msglen = XWApp.SMS_PUBLIC_HEADER.length() + 4 + 1 + msg.length();
int msglen = msg.length() + 1 + XWApp.SMS_PUBLIC_HEADER.length();
int urllen = INSTALL_URL.length(); int urllen = INSTALL_URL.length();
result = String.format( "%s %s%s", XWApp.SMS_PUBLIC_HEADER, String result = String.format( "%s%04X %s%s", XWApp.SMS_PUBLIC_HEADER,
msglen + urllen < MAX_SMS_LEN ? INSTALL_URL : "", msg.hashCode() & 0xFFFF,
msglen + urllen < MAX_SMS_LEN? INSTALL_URL : "",
msg ); msg );
return result; return result;
} }
@ -154,9 +154,22 @@ public class SMSService extends Service {
{ {
String result = null; String result = null;
if ( null != msg && msg.startsWith( XWApp.SMS_PUBLIC_HEADER ) ) { if ( null != msg && msg.startsWith( XWApp.SMS_PUBLIC_HEADER ) ) {
int index = msg.lastIndexOf( " " ); // Number format exception etc. can result from malicious
if ( 0 <= index ) { // messages. Be safe: use try;
result = msg.substring( index + 1 ); try {
String tmp = msg.substring( 1 + msg.lastIndexOf( " " ) );
int headerLen = XWApp.SMS_PUBLIC_HEADER.length();
String hashString =
msg.substring( headerLen, headerLen + 4 );
int hashRead = Integer.parseInt( hashString, 16 );
int hashCode = 0xFFFF & tmp.hashCode();
if ( hashRead == hashCode ) {
result = tmp;
} else {
DbgUtils.logf( "fromPublicFmt: hash code mismatch" );
}
} catch( Exception e ) {
} }
} }
return result; return result;
@ -324,14 +337,10 @@ public class SMSService extends Service {
throws java.io.IOException throws java.io.IOException
{ {
DbgUtils.logf( "non-static SMSService.sendPacket()" ); DbgUtils.logf( "non-static SMSService.sendPacket()" );
int hash = Arrays.hashCode( bytes );
DbgUtils.logf( "SMSService: outgoing hash on %d bytes: %X",
bytes.length, hash );
ByteArrayOutputStream bas = new ByteArrayOutputStream( 128 ); ByteArrayOutputStream bas = new ByteArrayOutputStream( 128 );
DataOutputStream das = new DataOutputStream( bas ); DataOutputStream das = new DataOutputStream( bas );
das.writeByte( SMS_PROTO_VERSION ); das.writeByte( SMS_PROTO_VERSION );
das.writeByte( cmd.ordinal() ); das.writeByte( cmd.ordinal() );
das.writeInt( hash );
das.write( bytes, 0, bytes.length ); das.write( bytes, 0, bytes.length );
das.flush(); das.flush();
@ -472,18 +481,9 @@ public class SMSService extends Service {
proto ); proto );
} else { } else {
SMS_CMD cmd = SMS_CMD.values()[dis.readByte()]; SMS_CMD cmd = SMS_CMD.values()[dis.readByte()];
int hashRead = dis.readInt();
DbgUtils.logf( "SMSService: incoming hash: %X", hashRead );
byte[] rest = new byte[dis.available()]; byte[] rest = new byte[dis.available()];
dis.read( rest ); dis.read( rest );
int hashComputed = Arrays.hashCode( rest ); receive( cmd, rest, senderPhone );
if ( hashComputed == hashRead ) {
receive( cmd, rest, senderPhone );
} else {
DbgUtils.logf( "SMSService: incoming hashes on %d bytes "
+ "DON'T match: read: %X; figured: %X",
rest.length, hashRead, hashComputed );
}
} }
} catch ( java.io.IOException ioe ) { } catch ( java.io.IOException ioe ) {
DbgUtils.logf( "disAssemble: ioe: %s", ioe.toString() ); DbgUtils.logf( "disAssemble: ioe: %s", ioe.toString() );