From 58fd9ddb273a321c82f92b4ee092a41e4ee9e687 Mon Sep 17 00:00:00 2001 From: Katherine Yen Date: Tue, 8 Aug 2023 10:54:25 -0700 Subject: [PATCH] Count profile data that cannot be parsed as base64 --- .../textsecuregcm/storage/Profiles.java | 36 ++++++++++++++++--- 1 file changed, 32 insertions(+), 4 deletions(-) diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/storage/Profiles.java b/service/src/main/java/org/whispersystems/textsecuregcm/storage/Profiles.java index 970979458..6ee68bfca 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/storage/Profiles.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/storage/Profiles.java @@ -8,9 +8,11 @@ package org.whispersystems.textsecuregcm.storage; import static org.whispersystems.textsecuregcm.metrics.MetricsUtil.name; import com.google.common.annotations.VisibleForTesting; +import io.micrometer.core.instrument.Counter; import io.micrometer.core.instrument.Metrics; import io.micrometer.core.instrument.Timer; import java.util.ArrayList; +import java.util.Base64; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -76,6 +78,12 @@ public class Profiles { private static final Timer GET_PROFILE_TIMER = Metrics.timer(name(Profiles.class, "get")); private static final Timer DELETE_PROFILES_TIMER = Metrics.timer(name(Profiles.class, "delete")); + private static final Counter INVALID_NAME_COUNTER = Metrics.counter(name(Profiles.class, "invalidProfileData"), "field", "name"); + private static final Counter INVALID_EMOJI_COUNTER = Metrics.counter(name(Profiles.class, "invalidProfileData"), "field", "emoji"); + private static final Counter INVALID_ABOUT_COUNTER = Metrics.counter(name(Profiles.class, "invalidProfileData"), "field", "about"); + private static final Counter INVALID_PAYMENT_ADDRESS_COUNTER = Metrics.counter(name(Profiles.class, "invalidProfileData"), "field", "paymentAddress"); + + public Profiles(final DynamoDbClient dynamoDbClient, final DynamoDbAsyncClient dynamoDbAsyncClient, final String tableName) { @@ -224,16 +232,36 @@ public class Profiles { } private static VersionedProfile fromItem(final Map item) { + final String name = AttributeValues.getString(item, ATTR_NAME, null); + final String emoji = AttributeValues.getString(item, ATTR_EMOJI, null); + final String about = AttributeValues.getString(item, ATTR_ABOUT, null); + final String paymentAddress = AttributeValues.getString(item, ATTR_PAYMENT_ADDRESS, null); + + checkValidBase64(name, INVALID_NAME_COUNTER); + checkValidBase64(emoji, INVALID_EMOJI_COUNTER); + checkValidBase64(about, INVALID_ABOUT_COUNTER); + checkValidBase64(paymentAddress, INVALID_PAYMENT_ADDRESS_COUNTER); + return new VersionedProfile( AttributeValues.getString(item, ATTR_VERSION, null), - AttributeValues.getString(item, ATTR_NAME, null), + name, AttributeValues.getString(item, ATTR_AVATAR, null), - AttributeValues.getString(item, ATTR_EMOJI, null), - AttributeValues.getString(item, ATTR_ABOUT, null), - AttributeValues.getString(item, ATTR_PAYMENT_ADDRESS, null), + emoji, + about, + paymentAddress, AttributeValues.getByteArray(item, ATTR_COMMITMENT, null)); } + private static void checkValidBase64(final String value, final Counter counter) { + if (StringUtils.isNotBlank(value)) { + try { + Base64.getDecoder().decode(value); + } catch (final IllegalArgumentException e) { + counter.increment(); + } + } + } + public void deleteAll(final UUID uuid) { DELETE_PROFILES_TIMER.record(() -> { final AttributeValue uuidAttributeValue = AttributeValues.fromUUID(uuid);