Security/Reviews/Gaia/Contacts/Import

From MozillaWiki
< Security‎ | Reviews‎ | Gaia‎ | Contacts
Jump to: navigation, search


Feature Review Details

  • App: Contacts, which is part of the Communications application
  • Review Date: November 18th, 2013
  • Review Lead: Stéphanie Ouillon
  • Branch reviewed: master
  • Latest commit:

https://github.com/mozilla-b2g/gaia/commit/6b8572b10572059a359ff0fc68a0e0b83eda250b

Overview

This review focuses on one feature in particular of the Contacts app: importing and exporting contacts.

There are several ways to import/export contacts:

  • external services on the web such as Google, Live, Yahoo BT! and Facebook
  • SIM card or SD card
  • vCard via bluetooth

(undergoing work: NFC)

Architecture

This review goes through the Gaia Communications app, the Contacts API and the underlying code to communicate with the SIM/SD card. The code is split between several components of the Communications app:

  • contacts: OAuth2, Facebook integration, SIM/SD card, vCard
  • gmail: service extension for importing contacts
  • live: service extension for importing contacts
  • facebook: service extension for importing/synchronising contacts

The service extensions are registered in the contacts app.

Several APIs are used:

  • DeviceStorage: used to access the sdcard filesystem. Security review here.
  • MozIccManager: provides STK (SIM Application TooKit) functionalities
  • Bluetooth: allows to connect to a Bluetooth device to get a vCard. Security review here

Import contacts overview.jpg

Relevant Documentation

webAPI: ContactsAPI - privileged

Gaia: Contacts in the Communications app

Importing contacts from an external service

Importing contacts from an external service means authenticating on the distant service via OAuth2. The implementation is distributed in several different places:

  • The common logic for the OAuth v2 implementation is in contacts/oauth2.
  • The UI used for every service - be it gmail, live or facebook - is implemented in fb_oauth.js in the communications/facebook app.
  • About the Facebook OAuth API: some logic is handled in communications/facebook and communications/contacts/js/fb/

OAuth2 process.jpg

Synchronizing contacts (‘sync’) is currently possible for Facebook contacts, but not for gmail and live. So we’re more concerned about imports than exports.

Get Contacts Service.jpg

The gmail, live and facebook connectors implement a common interface to import contacts with a method adaptDataForShowing: In the case of gmail, one additional method gContactToJson() is used when importing data.

Code Review Notes

Contacts data are XML data, parsed to JSON before being displayed to the user. This is the job of adaptDataForShowing(). There are two functions 'render' for rendering contacts:

  • one in fb/friends_list.js with no sanitization only used for fb sync
  • one in views/details.js: with sanitization in renderEmail, renderAddress, so on

The imported data are stored as is by adaptDataForSaving(), which should be ok.

Facebook integration legacy issue:

  • bug 851213 : Facebook import screen screen does not seem to escape contact data. The type of data we expect is known when adaptDataForShowin() is called, so it would be possible to check the data (email, address, etc).


Importing contacts from a SIM card

Not considering yet the on-going work about Dual SIM support. Documentation about the Radio Interface Layer (RIL) is available here

In the contacts app, the file handling the SIM contacts is utilities/import_sim_contacts. It performs a call to readContacts() from the IccManager.

RIL worker.jpg

Code Review Notes

The logic is handled in ril_worker. The data is put in a Buf object (worker_buf). It is then parsed in two functions in ril_worker.js: readICCUCS2String to get the contact id and reaDiallingNumber to get the phone number.

The code is written in Javascript but looks intentionally like C. The parsing seems to be handled correctly (and I didn’t see any memory management problems at that level or in ipc/ril/Ril.cpp).

Importing contacts from the SD card

The code is in:

  • contacts/js/utilities/sdcard.js
  • contacts/js/views/settings.js

It uses the deviceStorage API to get access to the SD card filesystem. It searches from files of types specified in settings.js: 

   utils.sdcard.retrieveFiles([
     'text/vcard',
     'text/directory;profile=vCard',
     'text/directory'
   ],...);

Text is imported with a VCFReader. Importing Contacts from the SD card required an exclusive access to its filesystem (it must not be shared in order to ensure data consistency).

Importing contacts from a vCard

The code is located in:

  • utilities/import_from_vcard.js

It manipulates a file, which was received via Bluetooth: it uses a FileReader to access the data. A review of the bluetooth API/App has been performed separately.

Code Review Notes

The data is parsed in the file utilities/vcard_parser.js. It uses a custom decodeQP function to decode Quoted-Printable encoding into UTF-8.


Exporting contacts

Exporting contacts is less sensitive from the perspective of the security of the device. The main risk is that the user enters bad data - which should be nonetheless sanitized before being stored on the phone - and synchronizes this data to external services.

Contacts can be exported to BT Yahoo!, the SIM card and the SD card.

In the Contacts app, the files dealing with export are in contacts/js/export/:

  • bt.js - export contacts to BT Yahoo!
  • contacts_exporter.js - generic module to do contacts export
  • sd.js - export contacts to SD card
  • sim.js - export contacts to SIM card
  • ../views/settings - the UI to launch the export
Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Reviews/Gaia/Contacts/Import&oldid=766925"