Группа :: Коммуникации
Пакет: kde5-connect
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
Патч: b496e66899e5bc9547b6537a7f44ab44dd0aaf38.diff
Скачать
Скачать
diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp
index 235c221f9858bfb3afac9b2032d577bf5319f419..1fd3870e3d90bb4063644f2393c737a91ad2694b 100644
--- a/core/backends/lan/lanlinkprovider.cpp
+++ b/core/backends/lan/lanlinkprovider.cpp
@@ -381,6 +381,14 @@ void LanLinkProvider::newConnection()
void LanLinkProvider::dataReceived()
{
QSslSocket* socket = qobject_cast<QSslSocket*>(sender());
+ //the size here is arbitrary and is now at 8192 bytes. It needs to be considerably long as it includes the capabilities but there needs to be a limit
+ //Tested between my systems and I get around 2000 per identity package.
+ if (socket->bytesAvailable() > 8192) {
+ qCWarning(KDECONNECT_CORE) << "LanLinkProvider/newConnection: Suspiciously long identity package received. Closing connection." << socket->peerAddress() << socket->bytesAvailable();
+ socket->disconnectFromHost();
+ return;
+ }
+
#if QT_VERSION < QT_VERSION_CHECK(5,7,0)
if (!socket->canReadLine())
return;