Browse Source

Drop suspiciously large data

This is to avoid exhausting system memory.
adaptive-webui-19844
Chocobo1 5 years ago
parent
commit
6119cb370f
No known key found for this signature in database
GPG Key ID: 210D9C873253A68C
  1. 6
      src/app/qtsingleapplication/qtlocalpeer.cpp

6
src/app/qtsingleapplication/qtlocalpeer.cpp

@ -191,6 +191,12 @@ void QtLocalPeer::receiveConnection() @@ -191,6 +191,12 @@ void QtLocalPeer::receiveConnection()
QByteArray uMsg;
quint32 remaining;
ds >> remaining;
if (remaining > 65535) {
// drop suspiciously large data
delete socket;
return;
}
uMsg.resize(remaining);
int got = 0;
char* uMsgBuf = uMsg.data();

Loading…
Cancel
Save