mirror of
https://github.com/twisterarmy/twister-core.git
synced 2025-01-24 05:24:34 +00:00
limit length of generated URI to 255 chars to prevent a DoS against the QR-Code dialog
This commit is contained in:
parent
1e8c62b29c
commit
b1a99c3a1f
@ -35,20 +35,28 @@ QRCodeDialog::~QRCodeDialog()
|
|||||||
void QRCodeDialog::genCode()
|
void QRCodeDialog::genCode()
|
||||||
{
|
{
|
||||||
QString uri = getURI();
|
QString uri = getURI();
|
||||||
QRcode *code = QRcode_encodeString(uri.toUtf8().constData(), 0, QR_ECLEVEL_L, QR_MODE_8, 1);
|
|
||||||
myImage = QImage(code->width + 8, code->width + 8, QImage::Format_RGB32);
|
if (uri != "")
|
||||||
myImage.fill(0xffffff);
|
|
||||||
unsigned char *p = code->data;
|
|
||||||
for (int y = 0; y < code->width; y++)
|
|
||||||
{
|
{
|
||||||
for (int x = 0; x < code->width; x++)
|
ui->lblQRCode->setText("");
|
||||||
|
|
||||||
|
QRcode *code = QRcode_encodeString(uri.toUtf8().constData(), 0, QR_ECLEVEL_L, QR_MODE_8, 1);
|
||||||
|
myImage = QImage(code->width + 8, code->width + 8, QImage::Format_RGB32);
|
||||||
|
myImage.fill(0xffffff);
|
||||||
|
unsigned char *p = code->data;
|
||||||
|
for (int y = 0; y < code->width; y++)
|
||||||
{
|
{
|
||||||
myImage.setPixel(x + 4, y + 4, ((*p & 1) ? 0x0 : 0xffffff));
|
for (int x = 0; x < code->width; x++)
|
||||||
p++;
|
{
|
||||||
|
myImage.setPixel(x + 4, y + 4, ((*p & 1) ? 0x0 : 0xffffff));
|
||||||
|
p++;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
QRcode_free(code);
|
||||||
|
ui->lblQRCode->setPixmap(QPixmap::fromImage(myImage).scaled(300, 300));
|
||||||
}
|
}
|
||||||
QRcode_free(code);
|
else
|
||||||
ui->lblQRCode->setPixmap(QPixmap::fromImage(myImage).scaled(300, 300));
|
ui->lblQRCode->setText(tr("Resulting URI too long, try to reduce the text for label / message."));
|
||||||
}
|
}
|
||||||
|
|
||||||
QString QRCodeDialog::getURI()
|
QString QRCodeDialog::getURI()
|
||||||
@ -81,7 +89,11 @@ QString QRCodeDialog::getURI()
|
|||||||
paramCount++;
|
paramCount++;
|
||||||
}
|
}
|
||||||
|
|
||||||
return ret;
|
// limit URI length to 255 chars, to prevent a DoS of the QR-Code dialog
|
||||||
|
if (ret.length() < 256)
|
||||||
|
return ret;
|
||||||
|
else
|
||||||
|
return QString("");
|
||||||
}
|
}
|
||||||
|
|
||||||
void QRCodeDialog::on_lnReqAmount_textChanged(const QString &arg1)
|
void QRCodeDialog::on_lnReqAmount_textChanged(const QString &arg1)
|
||||||
|
Loading…
x
Reference in New Issue
Block a user