diff --git a/core/backends/bluetooth/bluetoothlinkprovider.cpp b/core/backends/bluetooth/bluetoothlinkprovider.cpp index 25ff23dd9..b1891016a 100644 --- a/core/backends/bluetooth/bluetoothlinkprovider.cpp +++ b/core/backends/bluetooth/bluetoothlinkprovider.cpp @@ -194,8 +194,8 @@ void BluetoothLinkProvider::clientIdentityReceived(const QBluetoothAddress &peer NetworkPacket receivedPacket; bool success = NetworkPacket::unserialize(identityArray, &receivedPacket); - if (!success || receivedPacket.type() != PACKET_TYPE_IDENTITY) { - qCWarning(KDECONNECT_CORE) << "BluetoothLinkProvider Received not an identity packet"; + if (!success || !DeviceInfo::isValidIdentityPacket(np)) { + qCWarning(KDECONNECT_CORE) << "BluetoothLinkProvider: Invalid identity packet received"; mSockets.remove(peer); socket->close(); socket->deleteLater(); @@ -298,8 +298,8 @@ void BluetoothLinkProvider::serverDataReceived(const QBluetoothAddress &peer, QS NetworkPacket receivedPacket; bool success = NetworkPacket::unserialize(identityArray, &receivedPacket); - if (!success || receivedPacket.type() != PACKET_TYPE_IDENTITY) { - qCWarning(KDECONNECT_CORE) << "Not an identity packet."; + if (!success || !DeviceInfo::isValidIdentityPacket(receivedPacket)) { + qCWarning(KDECONNECT_CORE) << "BluetoothLinkProvider: Invalid identity packet received"; mSockets.remove(peer); socket->close(); socket->deleteLater(); diff --git a/core/backends/lan/lanlinkprovider.cpp b/core/backends/lan/lanlinkprovider.cpp index b9a23c915..292adffd6 100644 --- a/core/backends/lan/lanlinkprovider.cpp +++ b/core/backends/lan/lanlinkprovider.cpp @@ -259,8 +259,8 @@ void LanLinkProvider::udpBroadcastReceived() continue; } - if (receivedPacket->type() != PACKET_TYPE_IDENTITY) { - qCDebug(KDECONNECT_CORE) << "Received a UDP packet of wrong type" << receivedPacket->type(); + if (!DeviceInfo::isValidIdentityPacket(receivedPacket)) { + qCWarning(KDECONNECT_CORE) << "Invalid identity packet received"; delete receivedPacket; continue; } @@ -477,8 +477,8 @@ void LanLinkProvider::dataReceived() return; } - if (np->type() != PACKET_TYPE_IDENTITY) { - qCWarning(KDECONNECT_CORE) << "LanLinkProvider/newConnection: Expected identity, received " << np->type(); + if (!DeviceInfo::isValidIdentityPacket(np)) { + qCWarning(KDECONNECT_CORE) << "Invalid identity packet received"; delete np; return; } diff --git a/core/daemon.cpp b/core/daemon.cpp index d6a024bde..4e0ddce65 100644 --- a/core/daemon.cpp +++ b/core/daemon.cpp @@ -193,10 +193,11 @@ void Daemon::onDeviceStatusChanged() void Daemon::setAnnouncedName(const QString &name) { + QString filteredName = DeviceInfo::filterName(name); qCDebug(KDECONNECT_CORE) << "Announcing name"; - KdeConnectConfig::instance().setName(name); + KdeConnectConfig::instance().setName(filteredName); forceOnNetworkChange(); - Q_EMIT announcedNameChanged(name); + Q_EMIT announcedNameChanged(filteredName); } void Daemon::setCustomDevices(const QStringList &addresses) diff --git a/core/deviceinfo.h b/core/deviceinfo.h index 2b22a67f3..87877df5b 100644 --- a/core/deviceinfo.h +++ b/core/deviceinfo.h @@ -8,6 +8,7 @@ #define DEVICE_INFO_H #include "networkpacket.h" +#include #include #include #include @@ -138,12 +139,25 @@ struct DeviceInfo { return DeviceInfo(np.get(QStringLiteral("deviceId")), certificate, - np.get(QStringLiteral("deviceName")), + filterName(np.get(QStringLiteral("deviceName"))), DeviceType::FromString(np.get(QStringLiteral("deviceType"))), np.get(QStringLiteral("protocolVersion"), -1), QSet(incomingCapabilities.begin(), incomingCapabilities.end()), QSet(outgoingCapabilities.begin(), outgoingCapabilities.end())); } + + static QString filterName(QString input) + { + static const QRegularExpression NAME_INVALID_CHARACTERS_REGEX(QStringLiteral("[\"',;:.!?()\\[\\]<>]")); + constexpr int MAX_DEVICE_NAME_LENGTH = 32; + return input.remove(NAME_INVALID_CHARACTERS_REGEX).left(MAX_DEVICE_NAME_LENGTH); + } + + static bool isValidIdentityPacket(NetworkPacket *np) + { + return np->type() == PACKET_TYPE_IDENTITY && !filterName(np->get(QLatin1String("deviceName"), QString())).isEmpty() + && !np->get(QLatin1String("deviceId"), QString()).isEmpty(); + } }; #endif