kdeconnect-kde/0007-Do-not-remember-more-than-a-few-identity-packets-at-.patch

From 66c768aa9e7fba30b119c8b801efd49ed1270b0a Mon Sep 17 00:00:00 2001
From: Albert Vaca Cintora <albertvaka@gmail.com>
Date: Thu, 24 Sep 2020 17:16:02 +0200
Subject: [PATCH 7/9] Do not remember more than a few identity packets at a
 time

To prevent the kdeconnect process from using too much memory.

Thanks Matthias Gerstner <mgerstner@suse.de> for reporting this.
---
 core/backends/lan/lanlinkprovider.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp
index 770e7866..6afb8552 100644
--- a/core/backends/lan/lanlinkprovider.cpp
+++ b/core/backends/lan/lanlinkprovider.cpp
@@ -47,6 +47,7 @@
 #define MIN_VERSION_WITH_SSL_SUPPORT 6
 
 static const int MAX_UNPAIRED_CONNECTIONS = 42;
+static const int MAX_REMEMBERED_IDENTITY_PACKETS = 42;
 
 LanLinkProvider::LanLinkProvider(
         bool testMode,
@@ -225,6 +226,12 @@ void LanLinkProvider::udpBroadcastReceived()
 
         //qCDebug(KDECONNECT_CORE) << "Received Udp identity packet from" << sender << " asking for a tcp connection on port " << tcpPort;
 
+        if (m_receivedIdentityPackets.size() > MAX_REMEMBERED_IDENTITY_PACKETS) {
+            qCWarning(KDECONNECT_CORE) << "Too many remembered identities, ignoring" << receivedPacket->get<QString>(QStringLiteral("deviceId")) << "received via UDP";
+            delete receivedPacket;
+            continue;
+        }
+
         QSslSocket* socket = new QSslSocket(this);
         socket->setProxy(QNetworkProxy::NoProxy);
         m_receivedIdentityPackets[socket].np = receivedPacket;
@@ -435,6 +442,12 @@ void LanLinkProvider::dataReceived()
         return;
     }
 
+    if (m_receivedIdentityPackets.size() > MAX_REMEMBERED_IDENTITY_PACKETS) {
+        qCWarning(KDECONNECT_CORE) << "Too many remembered identities, ignoring" << np->get<QString>(QStringLiteral("deviceId")) << "received via TCP";
+        delete np;
+        return;
+    }
+
     // Needed in "encrypted" if ssl is used, similar to "tcpSocketConnected"
     m_receivedIdentityPackets[socket].np = np;
 
-- 
2.28.0