Do not store long language tag to avoid possible DoS/flood attacks

author: Evgeniy Khramtsov <ekhramtsov@process-one.net> 2010-11-04 23:10:18 +0300
committer: Badlop <badlop@process-one.net> 2010-11-06 23:53:13 +0300
commit: 29fbe6d8e17fecf7fab8a173f2e64e552b74dc9b (patch)
tree: 10f93b6f19eeaa181c37a9ae1ac3cbaf3418f37d /src/ejabberd_c2s.erl
parent: 5c3611fe32c491efacbf5310cadb68ca8c3a604a (diff)
1 files changed, 13 insertions, 1 deletions
diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl
index 975f79423..383823ace 100644
--- a/src/ejabberd_c2s.erl
+++ b/src/ejabberd_c2s.erl
@@ -321,7 +321,19 @@ wait_for_stream({xmlstreamstart, #xmlel{ns = NS} = Opening}, StateData) ->
         Server = binary_to_list(ServerB),
 	    case ?IS_MY_HOST(Server) of
 		true ->
-		    Lang = exmpp_stream:get_lang(Opening),
+		    Lang = case exmpp_stream:get_lang(Opening) of
+			       Lang1 when is_binary(Lang1) andalso size(Lang1) =< 35 ->
+				   %% As stated in BCP47, 4.4.1:
+				   %% Protocols or specifications that
+				   %% specify limited buffer sizes for
+				   %% language tags MUST allow for
+				   %% language tags of at least 35 characters.
+				   Lang1;
+			       _ ->
+				   %% Do not store long language tag to
+				   %% avoid possible DoS/flood attacks
+				   undefined
+			   end,
 		    change_shaper(StateData,
 		      exmpp_jid:make(ServerB)),
 		    case exmpp_stream:get_version(Opening) of
author	Evgeniy Khramtsov <ekhramtsov@process-one.net>	2010-11-04 23:10:18 +0300
committer	Badlop <badlop@process-one.net>	2010-11-06 23:53:13 +0300
commit	29fbe6d8e17fecf7fab8a173f2e64e552b74dc9b (patch)
tree	10f93b6f19eeaa181c37a9ae1ac3cbaf3418f37d /src/ejabberd_c2s.erl
parent	5c3611fe32c491efacbf5310cadb68ca8c3a604a (diff)