author | Carsten Haitzler (Rasterman) <raster@rasterman.com> | 2015-11-24 22:06:54 +0900 |
---|---|---|
committer | Mike Blumenkrantz <zmike@osg.samsung.com> | 2015-12-04 16:00:37 -0500 |
commit | 8a7280f87dbc1dce272b16adfe0398595e80e7d4 (patch) | |
tree | 1652db8b5b804a7dc95d295e6d9250bb8cda8e9e | |
parent | 04036826dacf4b52550df6c9550e1eb2aa376603 (diff) | |
download | enlightenment-8a7280f87dbc1dce272b16adfe0398595e80e7d4.tar.gz |
e - efm - rate limit dbus requests to open dirs or files to avoid dos
in a wayland world we don't want to trust clients on the other side of a
dbus connection - so rate limit what you can do with efm dbus requests
@fix
-rw-r--r-- | src/modules/fileman/e_mod_dbus.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/src/modules/fileman/e_mod_dbus.c b/src/modules/fileman/e_mod_dbus.c
index 93a8a7d174..2f291c0369 100644
--- a/src/modules/fileman/e_mod_dbus.c
+++ b/src/modules/fileman/e_mod_dbus.c
@@ -56,6 +56,21 @@ _e_fileman_dbus_daemon_free(E_Fileman_DBus_Daemon *d)
 free(d);
 }
+static Eina_Bool
+_e_fileman_dbus_call_rate_limit(void)
+{
+ static double last_call = 0.0;
+ static unsigned long long last_calls = 0;
+ double t = ecore_time_get();
+
+ if ((t - last_call) < 0.5) last_calls++;
+ else last_calls = 0;
+ last_call = t;
+ // if we get more than 10 requests over 0.5 sec - rate limit
+ if (last_calls > 10) return EINA_TRUE;
+ return EINA_FALSE;
+}
+
 static Eldbus_Message *
 _e_fileman_dbus_daemon_open_directory_cb(const Eldbus_Service_Interface *iface EINA_UNUSED,
 const Eldbus_Message *msg)
@@ -64,6 +79,12 @@ _e_fileman_dbus_daemon_open_directory_cb(const Eldbus_Service_Interface *iface E
 char *dev, *to_free = NULL;
 E_Zone *zone;
+
+ if (_e_fileman_dbus_call_rate_limit())
+ {
+ fprintf(stderr, "EFM remote call rate limiting to avoid DOS attacks");
+ return eldbus_message_method_return_new(msg);
+ }
 if (!eldbus_message_arguments_get(msg, "s", &directory))
 {
 fprintf(stderr, "Error: getting arguments of OpenDirectory call.\n");
@@ -159,6 +180,11 @@ _e_fileman_dbus_daemon_open_file_cb(const Eldbus_Service_Interface *iface EINA_U
 char *real_file, *to_free = NULL;
 E_Zone *zone;
+ if (_e_fileman_dbus_call_rate_limit())
+ {
+ fprintf(stderr, "EFM remote call rate limiting to avoid DOS attacks");
+ return eldbus_message_method_return_new(msg);
+ }
 if (!eldbus_message_arguments_get(msg, "s", ¶m_file))
 {
 fprintf(stderr, "ERROR: getting arguments of OpenFile call.\n"); |
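Review bot: `last_call` and `last_calls` in `_e_fileman_dbus_call_rate_limit()` are function-static, so one limiter is shared by every D-Bus sender and by both OpenDirectory and OpenFile. A single client that keeps calling less than 0.5 s apart holds the limiter engaged, and every other caller's requests are refused along with its own. Since the commit message treats the peer as untrusted, consider passing `msg` in and keeping the counters per `eldbus_message_sender_get(msg)`, so that a noisy sender throttles only itself. The comment also does not match the code: the counter resets only after a gap of 0.5 s or more, so it counts consecutive closely spaced calls rather than requests inside a 0.5 s window. A comment such as `// more than 10 calls in a row, each < 0.5 sec after the previous one - rate limit until a 0.5 sec gap` would describe what is implemented.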
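Review bot: The rate-limited branch in `_e_fileman_dbus_daemon_open_directory_cb` replies with `eldbus_message_method_return_new(msg)`, an ordinary success reply, so the caller cannot tell that the request was dropped. Returning an error, for example `return eldbus_message_error_new(msg, "org.freedesktop.DBus.Error.LimitsExceeded", "rate limited");`, would make the refusal visible to well-behaved clients. The `fprintf` string has no trailing `\n` and is written on every refused call, so a flood of requests becomes a flood of stderr output; logging once when the limit first trips would bound that. The identical block added to `_e_fileman_dbus_daemon_open_file_cb` in the next hunk has the same two issues. Both function bodies continue outside their hunks, so how the other error paths reply is not visible here.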