From fefbf7e5c3d179015018a9dfa710a1869161ca8a Mon Sep 17 00:00:00 2001
From: Sasha Weiss <sasha@signal.org>
Date: Mon, 20 May 2024 14:14:14 -0700
Subject: [PATCH] Validate incoming edit message target timestamp

---
 .../Messages/Edit/EditMessageStore.swift             |  5 +++++
 SignalServiceKit/Messages/MessageReceiver.swift      | 12 +++++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/SignalServiceKit/Messages/Edit/EditMessageStore.swift b/SignalServiceKit/Messages/Edit/EditMessageStore.swift
index 41eca17a61..437b7cc79e 100644
--- a/SignalServiceKit/Messages/Edit/EditMessageStore.swift
+++ b/SignalServiceKit/Messages/Edit/EditMessageStore.swift
@@ -76,6 +76,11 @@ public class EditMessageStoreImpl: EditMessageStore {
         authorAci: Aci?,
         tx: DBReadTransaction
     ) -> EditMessageTarget? {
+        guard SDS.fitsInInt64(timestamp) else {
+            owsFailDebug("Received invalid timestamp!")
+            return nil
+        }
+
         let transaction = SDSDB.shimOnlyBridge(tx)
 
         let sql = """
diff --git a/SignalServiceKit/Messages/MessageReceiver.swift b/SignalServiceKit/Messages/MessageReceiver.swift
index 244ddb12e8..138107f616 100644
--- a/SignalServiceKit/Messages/MessageReceiver.swift
+++ b/SignalServiceKit/Messages/MessageReceiver.swift
@@ -1594,6 +1594,11 @@ public final class MessageReceiver: Dependencies {
         transaction tx: SDSAnyWriteTransaction
     ) -> EditProcessingResult {
 
+        guard SDS.fitsInInt64(editMessage.targetSentTimestamp) else {
+            Logger.error("Edit message target was invalid timestamp!")
+            return .invalidEdit
+        }
+
         guard let transcript = OWSIncomingSentMessageTranscript.from(
             sentProto: sentMessage,
             serverTimestamp: decryptedEnvelope.serverTimestamp,
@@ -1648,13 +1653,18 @@ public final class MessageReceiver: Dependencies {
         editMessage: SSKProtoEditMessage,
         tx: SDSAnyWriteTransaction
     ) -> EditProcessingResult {
-        let decryptedEnvelope = request.decryptedEnvelope
+        guard SDS.fitsInInt64(editMessage.targetSentTimestamp) else {
+            Logger.error("Edit message target was invalid timestamp!")
+            return .invalidEdit
+        }
 
         guard let dataMessage = editMessage.dataMessage else {
             Logger.warn("Missing edit message data.")
             return .invalidEdit
         }
 
+        let decryptedEnvelope = request.decryptedEnvelope
+
         guard let thread = preprocessDataMessage(dataMessage, envelope: decryptedEnvelope, tx: tx) else {
             Logger.warn("Missing edit message thread.")
             return .invalidEdit