Merge pull request #5801 from matrix-org/erikj/recursive_tombstone

Don't allow clients to send tombstones that reference the same room

2 files changed, 10 insertions, 0 deletions

diff --git a/changelog.d/5801.misc b/changelog.d/5801.misc
new file mode 100644

index 0000000000..e19854de82
--- /dev/null
+++ b/changelog.d/5801.misc
@@ -0,0 +1 @@
+Don't allow clients to send tombstone events that reference the room it's sent in.
diff --git a/synapse/events/validator.py b/synapse/events/validator.py

index f7ffd1d561..6374dd067d 100644
--- a/synapse/events/validator.py
+++ b/synapse/events/validator.py
@@ -106,6 +106,15 @@ class EventValidator(object):
             if event.content["membership"] not in Membership.LIST:
                 raise SynapseError(400, "Invalid membership key")
 
+        elif event.type == EventTypes.Tombstone:
+            if "replacement_room" not in event.content:
+                raise SynapseError(400, "Content has no replacement_room key")
+
+            if event.content["replacement_room"] == event.room_id:
+                raise SynapseError(
+                    400, "Tombstone cannot reference the room it was sent in"
+                )
+
     def _ensure_strings(self, d, keys):
         for s in keys:
             if s not in d: