Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Metadata leak in voice messages #413

Closed
krille-chan opened this issue Jul 15, 2023 · 3 comments
Closed

Metadata leak in voice messages #413

krille-chan opened this issue Jul 15, 2023 · 3 comments
Labels
stale The item is going to be closed soon because of inactivity

Comments

@krille-chan
Copy link
Owner

Description

Voice message metadata is not stripped. Audio Metadata should be disabled by default, as it is on many other chatting applications(e.g. WhatsApp, Telegram clients), or at least the user should have the option to disable it.

To Reproduce

Send a voice message via FluffyChat, download it and probe it with ffprobe, you will see:

  Metadata:
    major_brand     : mp42
    minor_version   : 0
    compatible_brands: isommp42
    creation_time   : 2022-08-10T10:19:33.000000Z
    com.android.version: 12
    com.android.manufacturer: OnePlus
    com.android.model: ONEPLUS A6013
  Duration: 00:00:02.93, start: 0.000000, bitrate: 73 kb/s
    Stream #0:0(eng): Audio: aac (LC) (mp4a / 0x6134706D), 22050 Hz, mono, fltp, 64 kb/s (default)
    Metadata:
      creation_time   : 2022-08-10T10:19:33.000000Z
      handler_name    : SoundHandle

Additional information:

  • Device: Oneplus 6T
  • OS and OS version: LineageOS / Android 12
  • Installed version of FluffyChat: 1.5.0
  • (Android only) Which store are you using: F-Droid
  • (Android only) Are Google Services available: No
@TrivialDem
Copy link

Concerning this issue, is a byte manipulation based approach possible ?

I have checked the header of the m4a file format used in audio, and it seems like the concerned field containing all the metadata is (unsurprisingly) the one named meta.
As described by the container, it consists of a 32 bits unsigned number specifying the length, followed by another 32 bits unsigned number called meta, then the actual metadata which is in the range. The first number also counts itself and the meta field.

After personal tests, stripping out the field and modifying the length specified before the moov field didn't work.
However, nulling all of the content of the metadata (except the length field and name field) results in a playable file without any metadata shown by ffprobe.

After searching in the repos, the relevant manipulation probably happen as far as I know around this variable.

Let me know your thoughts on this solution.

@TrivialDem TrivialDem mentioned this issue Aug 31, 2023
Closed
@basings basings mentioned this issue Jan 23, 2024
Closed
@Henry-Hiles Henry-Hiles mentioned this issue Feb 7, 2024
Closed
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 5, 2024

This issue is stale because it has been open for 120 days with no activity.

@github-actions github-actions bot added the stale The item is going to be closed soon because of inactivity label Mar 5, 2024
@github-actions GitHub Actions
Copy link

This issue was closed because it has been inactive for 14 days since being marked as stale.

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale May 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stale The item is going to be closed soon because of inactivity
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Metadata leak in voice message TrivialDem/413-voice-metadata-leak
2 participants
@krille-chan @TrivialDem