add remote status published / updated field validation checks, handle appropriately in handleStatusEdit()

2025-12-29 15:46:15 -06:00 · 2024-12-24 15:14:30 +00:00 · 2024-12-24 15:14:30 +00:00 · a66f3e2f89
commit a66f3e2f89
parent 23a6c584f1
2 changed files with 31 additions and 22 deletions
--- a/internal/federation/dereferencing/status.go
+++ b/internal/federation/dereferencing/status.go
@ -477,6 +477,12 @@ func (d *Dereferencer) enrichStatus(
 		)
 	}

+	// Ensure that status isn't trying to re-date itself.
+	if !latestStatus.CreatedAt.Equal(status.CreatedAt) {
+		err := gtserror.Newf("status %s 'published' changed", uri)
+		return nil, nil, gtserror.SetMalformed(err)
+	}
+
 	// Ensure the final parsed status URI or URL matches
 	// the input URI we fetched (or received) it as.
 	matches, err := util.URIMatches(uri,
@ -1157,25 +1163,6 @@ func (d *Dereferencer) handleStatusEdit(
 		edited = true
 	}

-	switch {
-	// We prefer to use provided 'upated_at', but ensure
-	// it fits chronologically with creation / last update.
-	//
-	// updated_at has jumped backward, safety check it.
-	case existing.UpdatedAt.Before(status.UpdatedAt):
-		cols = append(cols, "updated_at")
-
-		if existing.CreatedAt.After(status.UpdatedAt) {
-			// It's jumped behind creation date,
-			// at least match it to creation time.
-			status.UpdatedAt = existing.CreatedAt
-		}
-
-	// updated_at has jumped forward, this is fine.
-	case existing.UpdatedAt.After(status.UpdatedAt):
-		cols = append(cols, "updated_at")
-	}
-
 	if pollChanged {
 		// Attached poll was changed.
 		cols = append(cols, "poll_id")
@ -1229,6 +1216,15 @@ func (d *Dereferencer) handleStatusEdit(
 	}

 	if edited {
+		// ensure that updated_at hasn't remained the same
+		// but an edit was received. manually intervene here.
+		if status.UpdatedAt.Equal(existing.UpdatedAt) ||
+			status.CreatedAt.Equal(status.UpdatedAt) {
+
+			// Simply use current fetching time.
+			status.UpdatedAt = status.FetchedAt
+		}
+
 		// Status has been editted since last
 		// we saw it, take snapshot of existing.
 		var edit gtsmodel.StatusEdit
@ -1279,6 +1275,12 @@ func (d *Dereferencer) handleStatusEdit(
 		cols = append(cols, "edits")
 	}

+	if !existing.UpdatedAt.Equal(status.UpdatedAt) {
+		// Whether status edited or not,
+		// updated_at column has changed.
+		cols = append(cols, "updated_at")
+	}
+
 	return cols, nil
 }

--- a/internal/typeutils/astointernal.go
+++ b/internal/typeutils/astointernal.go
@ -22,6 +22,7 @@ import (
 	"context"
 	"errors"
 	"net/url"
+	"time"

 	"github.com/miekg/dns"
 	"github.com/superseriousbusiness/gotosocial/internal/ap"
@ -357,15 +358,21 @@ func (c *Converter) ASStatusToStatus(ctx context.Context, statusable ap.Statusab
 		status.CreatedAt = pub
 	} else {
 		log.Warnf(ctx, "unusable published property on %s", uri)
+		status.CreatedAt = time.Now()
 	}

 	// status.Updated
 	//
-	// Extract updated time for status, defaults to Published.
-	if upd := ap.GetUpdated(statusable); !upd.IsZero() {
+	// Extract and validate update time for status. Defaults to published.
+	if upd := ap.GetUpdated(statusable); upd.After(status.CreatedAt) {
 		status.UpdatedAt = upd
-	} else {
+	} else if upd.IsZero() {
 		status.UpdatedAt = status.CreatedAt
+	} else {
+
+		// This is a malformed status that will likely break our systems.
+		err := gtserror.Newf("status %s 'updated' predates 'published'", uri)
+		return nil, gtserror.SetMalformed(err)
 	}

 	// status.AccountURI