limit length of generated URI to 255 chars to prevent a DoS against the QR-Code dialog

author: Philip Kaufmann <phil.kaufmann@t-online.de> 2012-04-12 18:39:22 +0200
committer: Philip Kaufmann <phil.kaufmann@t-online.de> 2012-04-12 20:34:06 +0200
commit: b1a99c3a1fb2613e9c7cecd565e8cc604b03eb6f (patch)
tree: b19c2b1217119549a26ff5f46f6f06704525ea9c /src/qt
parent: 1e8c62b29cc0bee5f8da4aa10720fddf0a1cbdfe (diff)
1 files changed, 23 insertions, 11 deletions
diff --git a/src/qt/qrcodedialog.cpp b/src/qt/qrcodedialog.cpp
index 515cae29d2..80a56d95f3 100644
--- a/src/qt/qrcodedialog.cpp
+++ b/src/qt/qrcodedialog.cpp
@@ -35,20 +35,28 @@ QRCodeDialog::~QRCodeDialog()
 void QRCodeDialog::genCode()
 {
     QString uri = getURI();
-    QRcode *code = QRcode_encodeString(uri.toUtf8().constData(), 0, QR_ECLEVEL_L, QR_MODE_8, 1);
-    myImage = QImage(code->width + 8, code->width + 8, QImage::Format_RGB32);
-    myImage.fill(0xffffff);
-    unsigned char *p = code->data;
-    for (int y = 0; y < code->width; y++)
+
+    if (uri != "")
     {
-        for (int x = 0; x < code->width; x++)
+        ui->lblQRCode->setText("");
+
+        QRcode *code = QRcode_encodeString(uri.toUtf8().constData(), 0, QR_ECLEVEL_L, QR_MODE_8, 1);
+        myImage = QImage(code->width + 8, code->width + 8, QImage::Format_RGB32);
+        myImage.fill(0xffffff);
+        unsigned char *p = code->data;
+        for (int y = 0; y < code->width; y++)
         {
-            myImage.setPixel(x + 4, y + 4, ((*p & 1) ? 0x0 : 0xffffff));
-            p++;
+            for (int x = 0; x < code->width; x++)
+            {
+                myImage.setPixel(x + 4, y + 4, ((*p & 1) ? 0x0 : 0xffffff));
+                p++;
+            }
         }
+        QRcode_free(code);
+        ui->lblQRCode->setPixmap(QPixmap::fromImage(myImage).scaled(300, 300));
     }
-    QRcode_free(code);
-    ui->lblQRCode->setPixmap(QPixmap::fromImage(myImage).scaled(300, 300));
+    else
+        ui->lblQRCode->setText(tr("Resulting URI too long, try to reduce the text for label / message."));
 }
 
 QString QRCodeDialog::getURI()
@@ -81,7 +89,11 @@ QString QRCodeDialog::getURI()
         paramCount++;
     }
 
-    return ret;
+    // limit URI length to 255 chars, to prevent a DoS of the QR-Code dialog
+    if (ret.length() < 256)
+        return ret;
+    else
+        return QString("");
 }
 
 void QRCodeDialog::on_lnReqAmount_textChanged(const QString &arg1)
author	Philip Kaufmann <phil.kaufmann@t-online.de>	2012-04-12 18:39:22 +0200
committer	Philip Kaufmann <phil.kaufmann@t-online.de>	2012-04-12 20:34:06 +0200
commit	b1a99c3a1fb2613e9c7cecd565e8cc604b03eb6f (patch)
tree	b19c2b1217119549a26ff5f46f6f06704525ea9c /src/qt
parent	1e8c62b29cc0bee5f8da4aa10720fddf0a1cbdfe (diff)