From 6239508b3945422f46d3bc15dd46e94a1c612c3f Mon Sep 17 00:00:00 2001
From: Moxie Marlinspike <moxie@thoughtcrime.org>
Date: Fri, 16 Feb 2018 11:13:20 -0800
Subject: [PATCH] Clean file names for belt and suspenders

---
 .../securesms/database/AttachmentDatabase.java         |  8 ++++----
 src/org/thoughtcrime/securesms/mms/DocumentSlide.java  |  3 ++-
 src/org/thoughtcrime/securesms/util/StorageUtil.java   | 10 ++++++++++
 3 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/src/org/thoughtcrime/securesms/database/AttachmentDatabase.java b/src/org/thoughtcrime/securesms/database/AttachmentDatabase.java
index 8793317d54..bce726012b 100644
--- a/src/org/thoughtcrime/securesms/database/AttachmentDatabase.java
+++ b/src/org/thoughtcrime/securesms/database/AttachmentDatabase.java
@@ -46,6 +46,7 @@ import org.thoughtcrime.securesms.mms.MmsException;
 import org.thoughtcrime.securesms.mms.PartAuthority;
 import org.thoughtcrime.securesms.util.MediaUtil;
 import org.thoughtcrime.securesms.util.MediaUtil.ThumbnailData;
+import org.thoughtcrime.securesms.util.StorageUtil;
 import org.thoughtcrime.securesms.util.Util;
 import org.thoughtcrime.securesms.video.EncryptedMediaDataSource;
 
@@ -346,7 +347,7 @@ public class AttachmentDatabase extends Database {
     SQLiteDatabase database = databaseHelper.getWritableDatabase();
 
     ContentValues contentValues = new ContentValues(1);
-    contentValues.put(FILE_NAME, fileName);
+    contentValues.put(FILE_NAME, StorageUtil.getCleanFileName(fileName));
 
     database.update(TABLE_NAME, contentValues, PART_ID_WHERE, attachmentId.toStrings());
   }
@@ -488,7 +489,7 @@ public class AttachmentDatabase extends Database {
                                   cursor.getString(cursor.getColumnIndexOrThrow(CONTENT_TYPE)),
                                   cursor.getInt(cursor.getColumnIndexOrThrow(TRANSFER_STATE)),
                                   cursor.getLong(cursor.getColumnIndexOrThrow(SIZE)),
-                                  cursor.getString(cursor.getColumnIndexOrThrow(FILE_NAME)),
+                                  StorageUtil.getCleanFileName(cursor.getString(cursor.getColumnIndexOrThrow(FILE_NAME))),
                                   cursor.getString(cursor.getColumnIndexOrThrow(CONTENT_LOCATION)),
                                   cursor.getString(cursor.getColumnIndexOrThrow(CONTENT_DISPOSITION)),
                                   cursor.getString(cursor.getColumnIndexOrThrow(NAME)),
@@ -521,7 +522,7 @@ public class AttachmentDatabase extends Database {
     contentValues.put(DIGEST, attachment.getDigest());
     contentValues.put(CONTENT_DISPOSITION, attachment.getKey());
     contentValues.put(NAME, attachment.getRelay());
-    contentValues.put(FILE_NAME, attachment.getFileName());
+    contentValues.put(FILE_NAME, StorageUtil.getCleanFileName(attachment.getFileName()));
     contentValues.put(SIZE, attachment.getSize());
     contentValues.put(FAST_PREFLIGHT_ID, attachment.getFastPreflightId());
     contentValues.put(VOICE_NOTE, attachment.isVoiceNote() ? 1 : 0);
@@ -555,7 +556,6 @@ public class AttachmentDatabase extends Database {
     return attachmentId;
   }
 
-
   @SuppressWarnings("WeakerAccess")
   @VisibleForTesting
   protected void updateAttachmentThumbnail(AttachmentId attachmentId, InputStream in, float aspectRatio)
diff --git a/src/org/thoughtcrime/securesms/mms/DocumentSlide.java b/src/org/thoughtcrime/securesms/mms/DocumentSlide.java
index 0a90f00481..3d7e8d37b8 100644
--- a/src/org/thoughtcrime/securesms/mms/DocumentSlide.java
+++ b/src/org/thoughtcrime/securesms/mms/DocumentSlide.java
@@ -7,6 +7,7 @@ import android.support.annotation.NonNull;
 import android.support.annotation.Nullable;
 
 import org.thoughtcrime.securesms.attachments.Attachment;
+import org.thoughtcrime.securesms.util.StorageUtil;
 
 public class DocumentSlide extends Slide {
 
@@ -18,7 +19,7 @@ public class DocumentSlide extends Slide {
                        @NonNull String contentType,  long size,
                        @Nullable String fileName)
   {
-    super(context, constructAttachmentFromUri(context, uri, contentType, size, true, fileName, false));
+    super(context, constructAttachmentFromUri(context, uri, contentType, size, true, StorageUtil.getCleanFileName(fileName), false));
   }
 
   @Override
diff --git a/src/org/thoughtcrime/securesms/util/StorageUtil.java b/src/org/thoughtcrime/securesms/util/StorageUtil.java
index 527818abdc..58c84e7a41 100644
--- a/src/org/thoughtcrime/securesms/util/StorageUtil.java
+++ b/src/org/thoughtcrime/securesms/util/StorageUtil.java
@@ -1,6 +1,7 @@
 package org.thoughtcrime.securesms.util;
 
 import android.os.Environment;
+import android.support.annotation.Nullable;
 
 import org.thoughtcrime.securesms.database.NoExternalStorageException;
 
@@ -49,4 +50,13 @@ public class StorageUtil
   public static File getDownloadDir() throws NoExternalStorageException {
     return new File(getSignalStorageDir(), Environment.DIRECTORY_DOWNLOADS);
   }
+
+  public static @Nullable String getCleanFileName(@Nullable String fileName) {
+    if (fileName == null) return null;
+
+    fileName = fileName.replace('\u202D', '\uFFFD');
+    fileName = fileName.replace('\u202E', '\uFFFD');
+
+    return fileName;
+  }
 }