summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorRichard van der Hoff <github@rvanderhoff.org.uk>2017-11-29 16:01:33 +0000
committerGitHub <noreply@github.com>2017-11-29 16:01:33 +0000
commit8b45de90a43b769c4c88db3d15afa9c47cc22c18 (patch)
treedf3584c20b0cadd0a23959de034888e6d0ce1799 /synapse
parentMerge pull request #2715 from matrix-org/luke/group-guest-access (diff)
parentFix 500 when joining matrix-dev (diff)
downloadsynapse-8b45de90a43b769c4c88db3d15afa9c47cc22c18.tar.xz
Merge pull request #2719 from matrix-org/rav/handle_missing_hashes
Fix 500 when joining matrix-dev
Diffstat (limited to 'synapse')
-rw-r--r--synapse/crypto/event_signing.py13
1 files changed, 10 insertions, 3 deletions
diff --git a/synapse/crypto/event_signing.py b/synapse/crypto/event_signing.py
index 0d0e7b5286..aaa3efaca3 100644
--- a/synapse/crypto/event_signing.py
+++ b/synapse/crypto/event_signing.py
@@ -32,15 +32,22 @@ def check_event_content_hash(event, hash_algorithm=hashlib.sha256):
     """Check whether the hash for this PDU matches the contents"""
     name, expected_hash = compute_content_hash(event, hash_algorithm)
     logger.debug("Expecting hash: %s", encode_base64(expected_hash))
-    if name not in event.hashes:
+
+    # some malformed events lack a 'hashes'. Protect against it being missing
+    # or a weird type by basically treating it the same as an unhashed event.
+    hashes = event.get("hashes")
+    if not isinstance(hashes, dict):
+        raise SynapseError(400, "Malformed 'hashes'", Codes.UNAUTHORIZED)
+
+    if name not in hashes:
         raise SynapseError(
             400,
             "Algorithm %s not in hashes %s" % (
-                name, list(event.hashes),
+                name, list(hashes),
             ),
             Codes.UNAUTHORIZED,
         )
-    message_hash_base64 = event.hashes[name]
+    message_hash_base64 = hashes[name]
     try:
         message_hash_bytes = decode_base64(message_hash_base64)
     except Exception: