Limit device_id size to 512B (#12454)

*
Shay 2022-04-13 10:04:01 -07:00 committed by GitHub
parent 0922462fc7
commit 8e2759f2d8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 36 additions and 1 deletions


@ -342,6 +342,15 @@ class LoginRestServlet(RestServlet):
user_id = canonical_uid
device_id = login_submission.get("device_id")
# If device_id is present, check that device_id is not longer than a reasonable 512 characters
if device_id and len(device_id) > 512:
raise LoginError(
400,
"device_id cannot be longer than 512 characters.",
errcode=Codes.INVALID_PARAM,
)
initial_display_name = login_submission.get("initial_device_display_name")
(
device_id,
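Review bot: The new check `len(device_id) > 512` assumes `device_id` is a string, but the value comes straight from `login_submission.get("device_id")`, which appears to be the client-supplied request body. A numeric value would raise `TypeError` inside `len()` (probably a 500 instead of the intended 400), and a list or object would be measured by element count. Unless the type is validated earlier, which this hunk does not show, put a guard in front of it: `if device_id is not None and not isinstance(device_id, str): raise LoginError(400, "device_id must be a string.", errcode=Codes.INVALID_PARAM)`. Separately, the commit title says 512B while the check and the error message count characters; `len()` on a `str` counts code points, so a 512-character id can be up to four times that size in UTF-8. If the bound is there to protect storage or an index, compare `len(device_id.encode("utf-8"))` instead. The enclosing method starts and ends outside the hunk.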