diff options
Diffstat (limited to 'kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch')
-rw-r--r-- | kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch new file mode 100644 index 000000000000..e083f5896def --- /dev/null +++ b/kde-misc/kdeconnect/files/kdeconnect-20.04.3-04-Limit-identity-packets-to-8KiB.patch @@ -0,0 +1,36 @@ +From b496e66899e5bc9547b6537a7f44ab44dd0aaf38 Mon Sep 17 00:00:00 2001 +From: Aleix Pol <aleixpol@kde.org> +Date: Wed, 16 Sep 2020 02:28:58 +0200 +Subject: [PATCH 04/10] Limit identity packets to 8KiB + +Healthy identity packages shouldn't be that big and we don't want to +allow systems around us to send us ever humongous packages that will +just leave us without any memory. + +Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this. +--- + core/backends/lan/lanlinkprovider.cpp | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp +index 235c221f..1fd3870e 100644 +--- a/core/backends/lan/lanlinkprovider.cpp ++++ b/core/backends/lan/lanlinkprovider.cpp +@@ -381,6 +381,14 @@ void LanLinkProvider::newConnection() + void LanLinkProvider::dataReceived() + { + QSslSocket* socket = qobject_cast<QSslSocket*>(sender()); ++ //the size here is arbitrary and is now at 8192 bytes. It needs to be considerably long as it includes the capabilities but there needs to be a limit ++ //Tested between my systems and I get around 2000 per identity package. ++ if (socket->bytesAvailable() > 8192) { ++ qCWarning(KDECONNECT_CORE) << "LanLinkProvider/newConnection: Suspiciously long identity package received. Closing connection." << socket->peerAddress() << socket->bytesAvailable(); ++ socket->disconnectFromHost(); ++ return; ++ } ++ + #if QT_VERSION < QT_VERSION_CHECK(5,7,0) + if (!socket->canReadLine()) + return; +-- +2.28.0 + |