do not leak group names on forwarding, add tests for that (#2719)

* add a test to check no possibly sensible data are forwarded * do not leak group names on forwarding * adapt existing test
2026-04-26 01:46:34 +03:00 · 2021-09-30 13:19:37 +02:00
parent 82819a642f
commit 30a3da97da
2 changed files with 45 additions and 3 deletions
--- a/src/chat.rs
+++ b/src/chat.rs
@@ -25,7 +25,7 @@ use crate::context::Context;
 use crate::dc_tools::{
    dc_create_id, dc_create_outgoing_rfc724_mid, dc_create_smeared_timestamp,
    dc_create_smeared_timestamps, dc_get_abs_path, dc_gm2local_offset, improve_single_line_input,
-    remove_subject_prefix, time, IsNoneOrEmpty,
+    time, IsNoneOrEmpty,
 };
 use crate::ephemeral::{delete_expired_messages, schedule_ephemeral_task, Timer as EphemeralTimer};
 use crate::events::EventType;
@@ -2750,7 +2750,8 @@ pub async fn forward_msgs(context: &Context, msg_ids: &[MsgId], chat_id: ChatId)
            msg.param.remove(Param::Cmd);
            msg.param.remove(Param::OverrideSenderDisplayname);

-            msg.subject = format!("Fwd: {}", remove_subject_prefix(&msg.subject));
+            // do not leak data as group names; a default subject is generated by mimfactory
+            msg.subject = "".to_string();

            let new_msg_id: MsgId;
            if msg.state == MessageState::OutPreparing {
@@ -4176,6 +4177,47 @@ mod tests {
        Ok(())
    }

+    #[async_std::test]
+    async fn test_only_minimal_data_are_forwarded() -> Result<()> {
+        // send a message from Alice to a group with Bob
+        let alice = TestContext::new_alice().await;
+        alice
+            .set_config(Config::Displayname, Some("secretname"))
+            .await?;
+        let bob_id = Contact::create(&alice, "bob", "bob@example.net").await?;
+        let group_id =
+            create_group_chat(&alice, ProtectionStatus::Unprotected, "secretgrpname").await?;
+        add_contact_to_chat(&alice, group_id, bob_id).await?;
+        let mut msg = Message::new(Viewtype::Text);
+        msg.set_text(Some("bla foo".to_owned()));
+        let sent_msg = alice.send_msg(group_id, &mut msg).await;
+        assert!(sent_msg.payload().contains("secretgrpname"));
+        assert!(sent_msg.payload().contains("secretname"));
+        assert!(sent_msg.payload().contains("alice"));
+
+        // Bob forwards that message to Claire -
+        // Claire should not get information about Alice for the original Group
+        let bob = TestContext::new_bob().await;
+        bob.recv_msg(&sent_msg).await;
+        let orig_msg = bob.get_last_msg().await;
+        let claire_id = Contact::create(&bob, "claire", "claire@foo").await?;
+        let single_id = ChatId::create_for_contact(&bob, claire_id).await?;
+        let group_id = create_group_chat(&bob, ProtectionStatus::Unprotected, "group2").await?;
+        add_contact_to_chat(&bob, group_id, claire_id).await?;
+        for chat_id in &[single_id, group_id] {
+            forward_msgs(&bob, &[orig_msg.id], *chat_id).await?;
+            let sent_msg = bob.pop_sent_msg().await;
+            assert!(sent_msg
+                .payload()
+                .contains("---------- Forwarded message ----------"));
+            assert!(!sent_msg.payload().contains("secretgrpname"));
+            assert!(!sent_msg.payload().contains("secretname"));
+            assert!(!sent_msg.payload().contains("alice"));
+        }
+
+        Ok(())
+    }
+
    #[async_std::test]
    async fn test_can_send_group() -> Result<()> {
        let alice = TestContext::new_alice().await;