lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <152c1a9de39bf054725522dcf762097091e5a8a4.camel@talbothome.com>
Date:   Fri, 26 Mar 2021 06:51:24 -0400
From:   Christopher Talbot <chris@...bothome.com>
To:     netdev@...r.kernel.org
Subject: [PATCH 5/9] Allow for a user configurable maximum attachment size

Android and iOS enforce a maximum attachment size for MMS messages.
This patch enforces a maximum attachment size for MMS messages and
makes it user configurable.

The default maximum size is based off of Android, which has a maximum
MMS size of 1.1 Megabytes
---
 src/service.c | 38 ++++++++++++++++++++++++++++++++++----
 1 file changed, 34 insertions(+), 4 deletions(-)

diff --git a/src/service.c b/src/service.c
index a3b90c5..dede36d 100644
--- a/src/service.c
+++ b/src/service.c
@@ -56,6 +56,7 @@
 
 #define MAX_ATTACHMENTS_NUMBER 25
 #define MAX_ATTEMPTS 3
+#define DEFAULT_MAX_ATTACHMENT_TOTAL_SIZE 1100000
 
 #define SETTINGS_STORE "mms"
 #define SETTINGS_GROUP "Settings"
@@ -100,6 +101,7 @@ struct mms_service {
        GHashTable *messages;
        GKeyFile *settings;
        gboolean use_delivery_reports;
+       int max_attach_total_size;
 };
 
 enum mms_request_type {
@@ -146,7 +148,22 @@ static void mms_load_settings(struct mms_service
*service)
                g_key_file_set_boolean(service->settings,
SETTINGS_GROUP,
                                                "UseDeliveryReports",
                                                service-
>use_delivery_reports);
+               error = NULL;
        }
+
+       service->max_attach_total_size =
+               g_key_file_get_integer(service->settings,
SETTINGS_GROUP,
+                                               "TotalMaxAttachmentSize
", &error);
+
+       if (error) {
+               g_error_free(error);
+               service->max_attach_total_size =
DEFAULT_MAX_ATTACHMENT_TOTAL_SIZE;
+               g_key_file_set_integer(service->settings,
SETTINGS_GROUP,
+                                               "TotalMaxAttachmentSize
",
+                                               service-
>max_attach_total_size);
+       }
+       mms_debug("Maximum Attachment Total Size (in bytes): %d",
service->max_attach_total_size);
+
 }
 
 static void mms_request_destroy(struct mms_request *request)
@@ -414,10 +431,11 @@ static gboolean
send_message_get_recipients(DBusMessageIter *top_iter,
 }
 
 static gboolean send_message_get_attachments(DBusMessageIter
*top_iter,
-                                               struct mms_message
*msg)
+                                               struct mms_message
*msg, struct mms_service *service)
 {
        DBusMessageIter attachments;
        unsigned int attach_num = 0;
+       int attach_total_size = 0;
 
        dbus_message_iter_recurse(top_iter, &attachments);
 
@@ -430,8 +448,10 @@ static gboolean
send_message_get_attachments(DBusMessageIter *top_iter,
                struct mms_attachment *attach;
                void *ptr;
 
-               if (++attach_num > MAX_ATTACHMENTS_NUMBER)
+               if (++attach_num > MAX_ATTACHMENTS_NUMBER) {
+                       mms_error("Error: Too many attachments!");
                        return FALSE;
+               }
 
                dbus_message_iter_recurse(&attachments, &entry);
 
@@ -466,6 +486,16 @@ static gboolean
send_message_get_attachments(DBusMessageIter *top_iter,
                        return FALSE;
                }
 
+               attach_total_size = attach_total_size + attach->length;
+
+               mms_debug("Total attachment size: %d",
attach_total_size);
+               mms_debug("Maximum Attachment Total Size (in bytes):
%d", service->max_attach_total_size);
+
+               if (attach_total_size > service-
>max_attach_total_size) 
{
+                       mms_error("Error: Total Attachment size too
large!");
+                       return FALSE;
+               }
+
                attach->data = ptr;
 
                attach->content_id = g_strdup(id);
@@ -490,7 +520,7 @@ static gboolean
send_message_get_attachments(DBusMessageIter *top_iter,
 }
 
 static gboolean send_message_get_args(DBusMessage *dbus_msg,
-                                               struct mms_message
*msg)
+                                               struct mms_message
*msg, struct mms_service *service)
 {
        DBusMessageIter top_iter;
        const char *smil;
@@ -536,7 +566,7 @@ static gboolean send_message_get_args(DBusMessage
*dbus_msg,
        if (dbus_message_iter_get_arg_type(&top_iter) !=
DBUS_TYPE_ARRAY)
                return FALSE;
 
-       return send_message_get_attachments(&top_iter, msg);
+       return send_message_get_attachments(&top_iter, msg, service);
 }
 
 static struct mms_request *create_request(enum mms_request_type type,
-- 
2.30.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ