Fix a a session with a higher minimum index being able to overwrite an older one

This commit is contained in:
Nicolas Werner 2021-04-20 14:19:07 +02:00
parent 95a603fd62
commit 20c1ca2aae
No known key found for this signature in database
GPG key ID: C8D75E610773F2D9

View file

@ -374,6 +374,18 @@ Cache::saveInboundMegolmSession(const MegolmSessionIndex &index,
const auto pickled = pickle<InboundSessionObject>(session.get(), SECRET);
auto txn = lmdb::txn::begin(env_);
std::string_view value;
if (inboundMegolmSessionDb_.get(txn, key, value)) {
auto oldSession = unpickle<InboundSessionObject>(std::string(value), SECRET);
if (olm_inbound_group_session_first_known_index(session.get()) >
olm_inbound_group_session_first_known_index(oldSession.get())) {
nhlog::crypto()->warn(
"Not storing inbound session with newer first known index");
return;
}
}
inboundMegolmSessionDb_.put(txn, key, pickled);
txn.commit();
}