Normalize attachment ids

AsamK 2026-05-23 14:17:28 +02:00
parent 6da5c37504
commit 46ce552589


@ -44,7 +44,8 @@ public class AttachmentStore {
} }
public StreamDetails retrieveAttachment(final String id) throws IOException { public StreamDetails retrieveAttachment(final String id) throws IOException {
final var attachmentFile = new File(attachmentsPath, id); final var safeId = sanitizeId(id);
final var attachmentFile = new File(attachmentsPath, safeId);
return Utils.createStreamDetailsFromFile(attachmentFile); return Utils.createStreamDetailsFromFile(attachmentFile);
} }
@ -61,7 +62,8 @@ public class AttachmentStore {
Optional<String> contentType Optional<String> contentType
) { ) {
final var extension = getAttachmentExtension(filename, contentType); final var extension = getAttachmentExtension(filename, contentType);
return new File(attachmentsPath, attachmentId.toString() + extension + ".preview"); final var safe = sanitizeId(attachmentId.toString());
return new File(attachmentsPath, safe + extension + ".preview");
} }
private File getAttachmentFile( private File getAttachmentFile(
@ -70,7 +72,15 @@ public class AttachmentStore {
Optional<String> contentType Optional<String> contentType
) { ) {
final var extension = getAttachmentExtension(filename, contentType); final var extension = getAttachmentExtension(filename, contentType);
return new File(attachmentsPath, attachmentId.toString() + extension); final var safe = sanitizeId(attachmentId.toString());
return new File(attachmentsPath, safe + extension);
}
private static String sanitizeId(final String id) {
if (id == null) {
return "";
}
return id.replaceAll("[^A-Za-z0-9_.-]", "_");
} }
private static String getAttachmentExtension(final Optional<String> filename, final Optional<String> contentType) { private static String getAttachmentExtension(final Optional<String> filename, final Optional<String> contentType) {
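Review bot: `sanitizeId` keeps `.` in its allow-list, so an id of `..` or `.` comes back unchanged, and the null branch returns `""`; in `retrieveAttachment` each of these makes `new File(attachmentsPath, safeId)` name the attachments directory or its parent instead of a file inside it. Rewriting disallowed characters to `_` also maps distinct ids onto the same file name, so rejecting is safer than normalizing, for example `if (id == null || id.equals(".") || id.equals("..") || !id.matches("[A-Za-z0-9_.-]+")) throw new IllegalArgumentException("invalid attachment id");`. The `extension` appended after the sanitized id in `getAttachmentFile` and in the preview-file method of the second hunk is not checked here. The body of `getAttachmentExtension` lies outside the hunk, so it should be confirmed that a value derived from `filename` cannot contain path separators.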