mirror of https://github.com/openclaw/openclaw.git
19a3a30dc0
Problem: Matrix DM classification logic had security vulnerabilities: 1. Unreachable code branch when is_direct flag was absent 2. When is_direct: true, skipped 2-member check (shared rooms misclassified as DMs) 3. **CWE-285: Improper Authorization** - trusted remote user's is_direct flag Security Issues: - Remote attacker could set is_direct=true on their membership to force DM classification - Remote attacker could set is_direct=false to bypass DM-only restrictions - Both could lead to policy bypass (DM allowlist/pairing checks) Fix: - hasDirectMatrixMemberFlag() returns boolean | null for local user only - isStrictDirectMembership() only trusts local user's is_direct (selfUserId) - Removed directViaSender lookups entirely (do not trust remote-controlled data) - Falls back to strict 2-member check when is_direct is false/null Key Insights: - In Matrix, m.room.member.content.is_direct is set by each member themselves - Only trust signals the bot controls (local user's membership state) - 2-member check remains as safe fallback that cannot be manipulated Closes #56599 |
||
|---|---|---|
| .. | ||
| src | ||
| CHANGELOG.md | ||
| api.ts | ||
| helper-api.ts | ||
| index.test.ts | ||
| index.ts | ||
| legacy-crypto-inspector.ts | ||
| openclaw.plugin.json | ||
| package-manifest.contract.test.ts | ||
| package.json | ||
| runtime-api.ts | ||
| setup-entry.ts | ||
| test-api.ts | ||
| thread-bindings-runtime.ts | ||