From d6358dcb169469a68ed253ee3847f735fc6ca05b Mon Sep 17 00:00:00 2001
From: ariskotsomitopoulos <aris.kotsomitopoulos@gmail.com>
Date: Thu, 28 Apr 2022 17:15:46 +0300
Subject: [PATCH] Prevent injecting a forged encrypted message and using
 session_id/sender_key of another room.

---
 .../matrix/android/sdk/internal/crypto/DefaultCryptoService.kt | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index 59acf1b8db..202cc2273c 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -1354,6 +1354,9 @@ internal class DefaultCryptoService @Inject constructor(
                                 senderKey = sessionInfoPair.second,
                                 sharedHistory = true
                         )
+                    }?.filter { inboundGroupSession ->
+                        // Prevent injecting a forged encrypted message and using session_id/sender_key of another room.
+                        inboundGroupSession.roomId == roomId
                     }?.forEach { inboundGroupSession ->
                         // Share the sharable session to userId with deviceId
                         val exportedKeys = inboundGroupSession.exportKeys(sharedHistory = true)