1 files changed, 36 insertions, 0 deletions

diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch
new file mode 100644
index 000000000000..e083f5896def
--- /dev/null
+++ b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch
@@ -0,0 +1,36 @@
+From b496e66899e5bc9547b6537a7f44ab44dd0aaf38 Mon Sep 17 00:00:00 2001
+From: Aleix Pol <aleixpol@kde.org>
+Date: Wed, 16 Sep 2020 02:28:58 +0200
+Subject: [PATCH 04/10] Limit identity packets to 8KiB
+
+Healthy identity packages shouldn't be that big and we don't want to
+allow systems around us to send us ever humongous packages that will
+just leave us without any memory.
+
+Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
+---
+ core/backends/lan/lanlinkprovider.cpp | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp
+index 235c221f..1fd3870e 100644
+--- a/core/backends/lan/lanlinkprovider.cpp
++++ b/core/backends/lan/lanlinkprovider.cpp
+@@ -381,6 +381,14 @@ void LanLinkProvider::newConnection()
+ void LanLinkProvider::dataReceived()
+ {
+     QSslSocket* socket = qobject_cast<QSslSocket*>(sender());
++    //the size here is arbitrary and is now at 8192 bytes. It needs to be considerably long as it includes the capabilities but there needs to be a limit
++    //Tested between my systems and I get around 2000 per identity package.
++    if (socket->bytesAvailable() > 8192) {
++        qCWarning(KDECONNECT_CORE) << "LanLinkProvider/newConnection: Suspiciously long identity package received. Closing connection." << socket->peerAddress() << socket->bytesAvailable();
++        socket->disconnectFromHost();
++        return;
++    }
++
+ #if QT_VERSION < QT_VERSION_CHECK(5,7,0)
+     if (!socket->canReadLine())
+         return;
+-- 
+2.28.0
+