From 6da5c375040efc21a3dc7ccf916d7690de028eb7 Mon Sep 17 00:00:00 2001
From: AsamK <asamk@gmx.de>
Date: Sat, 23 May 2026 13:50:06 +0200
Subject: [PATCH] Prevent attaching files from the signal-cli data directory

---
 .../signal/manager/helper/AttachmentHelper.java | 17 +++++++++++++++++
 .../signal/manager/storage/SignalAccount.java   |  4 ++++
 2 files changed, 21 insertions(+)

diff --git a/lib/src/main/java/org/asamk/signal/manager/helper/AttachmentHelper.java b/lib/src/main/java/org/asamk/signal/manager/helper/AttachmentHelper.java
index afafeb24..e863be05 100644
--- a/lib/src/main/java/org/asamk/signal/manager/helper/AttachmentHelper.java
+++ b/lib/src/main/java/org/asamk/signal/manager/helper/AttachmentHelper.java
@@ -34,8 +34,10 @@ public class AttachmentHelper {
 
     private final SignalDependencies dependencies;
     private final AttachmentStore attachmentStore;
+    private final Context context;
 
     public AttachmentHelper(final Context context) {
+        this.context = context;
         this.dependencies = context.getDependencies();
         this.attachmentStore = context.getAttachmentStore();
     }
@@ -92,6 +94,21 @@ public class AttachmentHelper {
             final boolean voiceNote
     ) throws AttachmentInvalidException {
         try {
+            // Reject local files that point into the signal-cli data directory
+            if (attachment != null && !attachment.startsWith("data:")) {
+                try {
+                    final var file = new File(attachment);
+                    final var canonical = file.getCanonicalFile();
+                    final var dataPath = context.getAccount().getDataPath().getCanonicalFile();
+                    if (canonical.toPath().startsWith(dataPath.toPath())) {
+                        throw new AttachmentInvalidException(attachment,
+                                new IOException("Attaching files from the signal-cli data directory is not allowed"));
+                    }
+                } catch (IOException e) {
+                    throw new AttachmentInvalidException(attachment, e);
+                }
+            }
+
             final var streamDetailsAndFileName = Utils.createStreamDetails(attachment);
             final var streamDetails = streamDetailsAndFileName.first();
             final var uploadSpec = getResumableUploadSpec(streamDetails);
diff --git a/lib/src/main/java/org/asamk/signal/manager/storage/SignalAccount.java b/lib/src/main/java/org/asamk/signal/manager/storage/SignalAccount.java
index 35f600b6..c7a5c6d8 100644
--- a/lib/src/main/java/org/asamk/signal/manager/storage/SignalAccount.java
+++ b/lib/src/main/java/org/asamk/signal/manager/storage/SignalAccount.java
@@ -192,6 +192,10 @@ public class SignalAccount implements Closeable {
         this.lock = lock;
     }
 
+    public File getDataPath() {
+        return dataPath;
+    }
+
     public static SignalAccount load(
             File dataPath,
             String accountPath,