truncate overlong messages (fixes dunst-project#248)

Displaying too heavy notifications can DoS dunst. For example bad programs, which pipe raw image data into the notification. Limiting the maximum character length to 5000 circumvents this. 5000 should be ridiculously high to prevent DoS while still not truncating all correct notifications.
Barbaross93 · Jul 9, 2017 · 717c747 · 717c747
1 parent a08fba4
commit 717c747
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -17,6 +17,7 @@
 - Text and icons are now centred vertically
 - Notifications aren't considered duplicate if urgency or icons differ
 - The frame width and color settings were moved to the global section as frame\_width and frame\_color respectively.
+- The maximum displayed field length is limited to 5000 characters
 
 ### Deprecated
 - `allow_markup` will be removed in later versions. It is being replaced by `markup`

diff --git a/src/notification.c b/src/notification.c
@@ -329,6 +329,16 @@ int notification_init(notification * n, int id)
 
         n->msg = g_strchomp(n->msg);
 
+        /* truncate overlong messages */
+        if (strlen(n->msg) > DUNST_NOTIF_MAX_CHARS) {
+                char* buffer = g_malloc(DUNST_NOTIF_MAX_CHARS);
+                strncpy(buffer, n->msg, DUNST_NOTIF_MAX_CHARS);
+                buffer[DUNST_NOTIF_MAX_CHARS-1] = '\0';
+
+                g_free(n->msg);
+                n->msg = buffer;
+        }
+
         if (n->icon != NULL && strlen(n->icon) <= 0) {
                 g_free(n->icon);
                 n->icon = NULL;

diff --git a/src/notification.h b/src/notification.h
@@ -12,6 +12,8 @@
 #define NORM 1
 #define CRIT 2
 
+#define DUNST_NOTIF_MAX_CHARS 5000
+
 typedef struct _raw_image {
         int width;
         int height;