File 0007-Do-not-remember-more-than-a-few-identity-packets-at-.patch of Package kdeconnect-kde
From de1187e23f179176bf455d14cbcf7b69bcb79f61 Mon Sep 17 00:00:00 2001
From: Albert Vaca Cintora <albertvaka@gmail.com>
Date: Thu, 24 Sep 2020 17:16:02 +0200
Subject: [PATCH 7/9] Do not remember more than a few identity packets at a
time
To prevent the kdeconnect process from using too much memory.
Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
---
core/backends/lan/lanlinkprovider.cpp | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp
index 00e2c01b..4a8596ff 100644
--- a/core/backends/lan/lanlinkprovider.cpp
+++ b/core/backends/lan/lanlinkprovider.cpp
@@ -47,6 +47,7 @@
#define MIN_VERSION_WITH_SSL_SUPPORT 6
static const int MAX_UNPAIRED_CONNECTIONS = 42;
+static const int MAX_REMEMBERED_IDENTITY_PACKETS = 42;
LanLinkProvider::LanLinkProvider(
bool testMode,
@@ -225,6 +226,12 @@ void LanLinkProvider::udpBroadcastReceived()
//qCDebug(KDECONNECT_CORE) << "Received Udp identity packet from" << sender << " asking for a tcp connection on port " << tcpPort;
+ if (m_receivedIdentityPackets.size() > MAX_REMEMBERED_IDENTITY_PACKETS) {
+ qCWarning(KDECONNECT_CORE) << "Too many remembered identities, ignoring" << receivedPacket->get<QString>(QStringLiteral("deviceId")) << "received via UDP";
+ delete receivedPacket;
+ continue;
+ }
+
QSslSocket* socket = new QSslSocket(this);
socket->setProxy(QNetworkProxy::NoProxy);
m_receivedIdentityPackets[socket].np = receivedPacket;
@@ -425,6 +432,12 @@ void LanLinkProvider::dataReceived()
return;
}
+ if (m_receivedIdentityPackets.size() > MAX_REMEMBERED_IDENTITY_PACKETS) {
+ qCWarning(KDECONNECT_CORE) << "Too many remembered identities, ignoring" << np->get<QString>(QStringLiteral("deviceId")) << "received via TCP";
+ delete np;
+ return;
+ }
+
// Needed in "encrypted" if ssl is used, similar to "tcpSocketConnected"
m_receivedIdentityPackets[socket].np = np;
--
2.28.0
