Fix DoS vulnerabilityv5.5.15.5.1

Add checks on maximum header line length and on the maximum number
of header lines.

Task-number: QTBUG-48123
Change-Id: I65dbeb53af7aa0dfa137ce31fc2549940559314e
Reviewed-by: Richard J. Moore <rich@kde.org>

1 files changed, 7 insertions, 1 deletions

diff --git a/src/websockets/qwebsocketserver_p.cpp b/src/websockets/qwebsocketserver_p.cpp
index bc23674..d1750ce 100644
--- a/src/websockets/qwebsocketserver_p.cpp
+++ b/src/websockets/qwebsocketserver_p.cpp
@@ -49,6 +49,12 @@
 
 QT_BEGIN_NAMESPACE
 
+//both constants are taken from the default settings of Apache
+//see: http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestfieldsize and
+//http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestfields
+const int MAX_HEADERLINE_LENGTH = 8 * 1024; //maximum length of a http request header line
+const int MAX_HEADERLINES = 100;            //maximum number of http request header lines
+
 /*!
     \internal
  */
@@ -431,7 +437,7 @@ void QWebSocketServerPrivate::handshakeReceived()
 
     QWebSocketHandshakeRequest request(pTcpSocket->peerPort(), isSecure);
     QTextStream textStream(pTcpSocket);
-    request.readHandshake(textStream);
+    request.readHandshake(textStream, MAX_HEADERLINE_LENGTH, MAX_HEADERLINES);
 
     if (request.isValid()) {
         QWebSocketCorsAuthenticator corsAuthenticator(request.origin());