[SG-720] Trim c null characters getting padded at end of messages (#3724)

* Trim everything at the end of decrypted payload before parsing * Clarify comment * Use char code check for nulls * Extract trim code to function * make char codes constants
2025-01-12 10:27:20 +01:00 · 2022-10-10 13:07:12 -04:00 · 2022-10-10 13:07:12 -04:00 · fe1a895e6b
commit fe1a895e6b
parent f6b2b75ad8
1 changed files with 36 additions and 4 deletions
--- a/apps/desktop/src/services/nativeMessageHandler.service.ts
+++ b/apps/desktop/src/services/nativeMessageHandler.service.ts
@ -182,12 +182,25 @@ export class NativeMessageHandlerService {
      this.ddgSharedSecret = SymmetricCryptoKey.fromJSON({ keyB64: storedKey });
    }

-    return JSON.parse(
-      await this.cryptoService.decryptToUtf8(
+    try {
+      let decryptedResult = await this.cryptoService.decryptToUtf8(
        message.encryptedCommand as EncString,
        this.ddgSharedSecret
-      )
-    );
+      );
+
+      decryptedResult = this.trimNullCharsFromMessage(decryptedResult);
+
+      return JSON.parse(decryptedResult);
+    } catch {
+      this.sendResponse({
+        messageId: message.messageId,
+        version: NativeMessagingVersion.Latest,
+        payload: {
+          error: "cannot-decrypt",
+        },
+      });
+      return;
+    }
  }

  private async sendEncryptedResponse(
@ -218,4 +231,23 @@ export class NativeMessageHandlerService {
  private sendResponse(response: EncryptedMessageResponse | UnencryptedMessageResponse) {
    ipcRenderer.send("nativeMessagingReply", response);
  }
+
+  // Trim all null bytes padded at the end of messages. This happens with C encryption libraries.
+  private trimNullCharsFromMessage(message: string): string {
+    const charNull = 0;
+    const charRightCurlyBrace = 125;
+    const charRightBracket = 93;
+
+    for (let i = message.length - 1; i >= 0; i--) {
+      if (message.charCodeAt(i) === charNull) {
+        message = message.substring(0, message.length - 1);
+      } else if (
+        message.charCodeAt(i) === charRightCurlyBrace ||
+        message.charCodeAt(i) === charRightBracket
+      ) {
+        break;
+      }
+    }
+    return message;
+  }
 }