limit length of generated URI to 255 chars to prevent a DoS against the QR-Code dialog
This commit is contained in:
Philip Kaufmann
parent
1e8c62b29c
commit
b1a99c3a1f
1 changed files with 23 additions and 11 deletions
|
|
@ -35,6 +35,11 @@ QRCodeDialog::~QRCodeDialog()
|
|||
void QRCodeDialog::genCode()
|
||||
{
|
||||
QString uri = getURI();
|
||||
|
||||
if (uri != "")
|
||||
{
|
||||
ui->lblQRCode->setText("");
|
||||
|
||||
QRcode *code = QRcode_encodeString(uri.toUtf8().constData(), 0, QR_ECLEVEL_L, QR_MODE_8, 1);
|
||||
myImage = QImage(code->width + 8, code->width + 8, QImage::Format_RGB32);
|
||||
myImage.fill(0xffffff);
|
||||
|
|
@ -49,6 +54,9 @@ void QRCodeDialog::genCode()
|
|||
}
|
||||
QRcode_free(code);
|
||||
ui->lblQRCode->setPixmap(QPixmap::fromImage(myImage).scaled(300, 300));
|
||||
}
|
||||
else
|
||||
ui->lblQRCode->setText(tr("Resulting URI too long, try to reduce the text for label / message."));
|
||||
}
|
||||
|
||||
QString QRCodeDialog::getURI()
|
||||
|
|
@ -81,7 +89,11 @@ QString QRCodeDialog::getURI()
|
|||
paramCount++;
|
||||
}
|
||||
|
||||
// limit URI length to 255 chars, to prevent a DoS of the QR-Code dialog
|
||||
if (ret.length() < 256)
|
||||
return ret;
|
||||
else
|
||||
return QString("");
|
||||
}
|
||||
|
||||
void QRCodeDialog::on_lnReqAmount_textChanged(const QString &arg1)
|
||||
|
|
|
|||
Loading…
Reference in a new issue