We have some news to share for the request index beta feature. We’ve added more options to sort your requests, counters to the individual filters and documentation for the search functionality. Checkout the blog post for more details.

Overview

File hold-profile-hardening.patch of Package power-profiles-daemon

Index: power-profiles-daemon-0.30/src/power-profiles-daemon.c
===================================================================
--- power-profiles-daemon-0.30.orig/src/power-profiles-daemon.c
+++ power-profiles-daemon-0.30/src/power-profiles-daemon.c
@@ -830,6 +830,29 @@ holder_disappeared (GDBusConnection *con
   g_ptr_array_free (cookies, TRUE);
 }
 
+#define MAX_UNTRUSTED_STR_LEN 1024
+#define MAX_PROFILE_HOLDS 32
+
+static gboolean
+check_sane_string(const char *s)
+{
+  guint i;
+
+  for (i = 0; s[i] != 0; i++) {
+    gchar ch = s[i];
+
+    if (i > MAX_UNTRUSTED_STR_LEN)
+      return FALSE;
+
+    if (g_ascii_isalnum(ch) || g_ascii_isspace(ch))
+      continue;
+
+    return FALSE;
+  }
+
+  return TRUE;
+}
+
 static void
 hold_profile (PpdApp                *data,
               GVariant              *parameters,
@@ -858,6 +881,18 @@ hold_profile (PpdApp                *dat
     return;
   }
 
+  if (!check_sane_string(reason) || !check_sane_string(application_id)) {
+    g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS,
+                                           "Input strings are too long or contain invalid characters");
+    return;
+  }
+
+  if (g_hash_table_size(data->profile_holds) > MAX_PROFILE_HOLDS) {
+    g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_LIMITS_EXCEEDED,
+                                           "Too many profile holds already active");
+    return;
+  }
+
   hold = g_new0 (ProfileHold, 1);
   hold->profile = profile;
   hold->reason = g_strdup (reason);
openSUSE Build Service is sponsored by
Places