Client: e2ee: Check IQ response is valid before decrypting

This way the extensions don't need to check that.

1 files changed, 15 insertions, 3 deletions

diff --git a/src/client/QXmppClient.cpp b/src/client/QXmppClient.cpp
index b422842c..18adddb6 100644
--- a/src/client/QXmppClient.cpp
+++ b/src/client/QXmppClient.cpp
@@ -34,6 +34,12 @@ using MessageEncryptResult = QXmppE2eeExtension::MessageEncryptResult;
 using IqEncryptResult = QXmppE2eeExtension::IqEncryptResult;
 using IqDecryptResult = QXmppE2eeExtension::IqDecryptResult;
 
+static bool isIqResponse(const QDomElement &el)
+{
+    auto type = el.attribute("type");
+    return el.tagName() == "iq" && (type == "result" || type == "error");
+}
+
 /// \cond
 QXmppClientPrivate::QXmppClientPrivate(QXmppClient *qq)
     : clientPresence(QXmppPresence::Available),
@@ -521,9 +527,15 @@ QFuture<QXmppClient::IqResult> QXmppClient::sendSensitiveIq(QXmppIq &&iq, const
                 auto future = d->stream->sendIq(QXmppPacket(*xml, true), id);
                 await(future, this, [this, interface](QXmppStream::IqResult result) mutable {
                     if (const auto encryptedDom = std::get_if<QDomElement>(&result)) {
-                        // received result (should be encrypted)
-                        if (d->encryptionExtension) {
-                            // decrypt
+                        if (!isIqResponse(*encryptedDom)) {
+                            QXmpp::SendError err {
+                                QStringLiteral("Invalid IQ response received."),
+                                QXmpp::SendError::EncryptionError
+                            };
+                            interface.reportResult(err);
+                            interface.reportFinished();
+                        } else if (d->encryptionExtension) {
+                            // try to decrypt the result (should be encrypted)
                             auto future = d->encryptionExtension->decryptIq(*encryptedDom);
                             await(future, this, [interface, encryptedDom = *encryptedDom](IqDecryptResult result) mutable {
                                 if (const auto dom = std::get_if<QDomElement>(&result)) {