kdeconnect-kde/0008-Limit-the-ports-we-try-to-connect-to-to-the-port-ran.patch

From 85b691e40f525e22ca5cc4ebe79c361d71d7dc05 Mon Sep 17 00:00:00 2001
From: Albert Vaca Cintora <albertvaka@gmail.com>
Date: Thu, 24 Sep 2020 17:18:06 +0200
Subject: [PATCH 8/9] Limit the ports we try to connect to to the port range of
 KDE Connect

So we can't trigger connections to other services.

Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
---
 core/backends/lan/lanlinkprovider.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp
index 6afb8552..f3d6801d 100644
--- a/core/backends/lan/lanlinkprovider.cpp
+++ b/core/backends/lan/lanlinkprovider.cpp
@@ -223,6 +223,11 @@ void LanLinkProvider::udpBroadcastReceived()
         }
 
         int tcpPort = receivedPacket->get<int>(QStringLiteral("tcpPort"));
+        if (tcpPort < MIN_TCP_PORT || tcpPort > MAX_TCP_PORT) {
+            qCDebug(KDECONNECT_CORE) << "TCP port outside of kdeconnect's range";
+            delete receivedPacket;
+            continue;
+        }
 
         //qCDebug(KDECONNECT_CORE) << "Received Udp identity packet from" << sender << " asking for a tcp connection on port " << tcpPort;
 
-- 
2.28.0