Open Benjamin-L opened 3 months ago
This permanently corrupts account data and is only fixable through dev tools, I don't think S-Minor is justified.
I'm fairly sure this is the reason why all my m.direct
associations got lost at one point - some other client probably tripped over the invalid data stored by Element and cleared the account data. That was a fun afternoon of copy-pasting /converttodm
.
Steps to reproduce
/query
command with an argument that is not a valid userid. The case I used for my example was/query @somebody:matrix-1.daffodil.home here's my initial message contents
Note that it is easy to do this if you assume that
/query
works like the IRC/query
command, and/query @user:origin a message
will start a DM with@user:origin
and send the message "a message".Outcome
What did you expect?
I get an error message if the argument is not a valid userid. Ideally, it would also be legal to pass additional arguments for the first message contents, like IRC, but this is not fundamental to the bug.
What happened instead?
Element opens an empty DM room, and writes following to the global
m.direct
account data event:This is not a valid
m.direct
event according to the spec, because the type ofm.direct
contents should be{[User ID]: [string]}
. This triggers a server bug in grapevine, where we are accepting arbitrary json for account data events but assuming thatm.direct
events in the db will be valid. This server bug should be fixed regardless of the element bug.Operating system
NixOS (linux)
Browser information
Firefox 126.0
URL for webapp
develop.element.io
Application version
Element version: e3aee58a6d68-react-cea0b7c37ecf-js-25a7c9e14065 Crypto version: Rust SDK 0.7.1 (80a151e), Vodozemac 0.6.0
Homeserver
Grapevine 6fb9abed6218b3ced6c14cedfaca5c4094e88bc8
Will you send logs?
Yes