limit length of generated URI to 255 chars to prevent a DoS against the QR-Code dialog

This commit is contained in:
Philip Kaufmann 2012-04-12 18:39:22 +02:00
parent 1e8c62b29c
commit b1a99c3a1f

View File

@ -35,20 +35,28 @@ QRCodeDialog::~QRCodeDialog()
void QRCodeDialog::genCode() void QRCodeDialog::genCode()
{ {
QString uri = getURI(); QString uri = getURI();
QRcode *code = QRcode_encodeString(uri.toUtf8().constData(), 0, QR_ECLEVEL_L, QR_MODE_8, 1);
myImage = QImage(code->width + 8, code->width + 8, QImage::Format_RGB32); if (uri != "")
myImage.fill(0xffffff);
unsigned char *p = code->data;
for (int y = 0; y < code->width; y++)
{ {
for (int x = 0; x < code->width; x++) ui->lblQRCode->setText("");
QRcode *code = QRcode_encodeString(uri.toUtf8().constData(), 0, QR_ECLEVEL_L, QR_MODE_8, 1);
myImage = QImage(code->width + 8, code->width + 8, QImage::Format_RGB32);
myImage.fill(0xffffff);
unsigned char *p = code->data;
for (int y = 0; y < code->width; y++)
{ {
myImage.setPixel(x + 4, y + 4, ((*p & 1) ? 0x0 : 0xffffff)); for (int x = 0; x < code->width; x++)
p++; {
myImage.setPixel(x + 4, y + 4, ((*p & 1) ? 0x0 : 0xffffff));
p++;
}
} }
QRcode_free(code);
ui->lblQRCode->setPixmap(QPixmap::fromImage(myImage).scaled(300, 300));
} }
QRcode_free(code); else
ui->lblQRCode->setPixmap(QPixmap::fromImage(myImage).scaled(300, 300)); ui->lblQRCode->setText(tr("Resulting URI too long, try to reduce the text for label / message."));
} }
QString QRCodeDialog::getURI() QString QRCodeDialog::getURI()
@ -81,7 +89,11 @@ QString QRCodeDialog::getURI()
paramCount++; paramCount++;
} }
return ret; // limit URI length to 255 chars, to prevent a DoS of the QR-Code dialog
if (ret.length() < 256)
return ret;
else
return QString("");
} }
void QRCodeDialog::on_lnReqAmount_textChanged(const QString &arg1) void QRCodeDialog::on_lnReqAmount_textChanged(const QString &arg1)