truncate overlong messages (fixes #248)

Displaying too heavy notifications can DoS dunst. For example bad
programs, which pipe raw image data into the notification.
Limiting the maximum character length to 5000 circumvents this.

5000 should be ridiculously high to prevent DoS while still not
truncating all correct notifications.

CHANGELOG.md

@@ -17,6 +17,7 @@
 - Text and icons are now centred vertically
 - Notifications aren't considered duplicate if urgency or icons differ
 - The frame width and color settings were moved to the global section as frame\_width and frame\_color respectively.
+- The maximum displayed field length is limited to 5000 characters
 
 ### Deprecated
 - `allow_markup` will be removed in later versions. It is being replaced by `markup`

src/notification.c

@@ -329,6 +329,16 @@ int notification_init(notification * n, int id)
 
         n->msg = g_strchomp(n->msg);
 
+        /* truncate overlong messages */
+        if (strlen(n->msg) > DUNST_NOTIF_MAX_CHARS) {
+                char* buffer = g_malloc(DUNST_NOTIF_MAX_CHARS);
+                strncpy(buffer, n->msg, DUNST_NOTIF_MAX_CHARS);
+                buffer[DUNST_NOTIF_MAX_CHARS-1] = '\0';
+
+                g_free(n->msg);
+                n->msg = buffer;
+        }
+
         if (n->icon != NULL && strlen(n->icon) <= 0) {
                 g_free(n->icon);
                 n->icon = NULL;

src/notification.h

@@ -12,6 +12,8 @@
 #define NORM 1
 #define CRIT 2
 
+#define DUNST_NOTIF_MAX_CHARS 5000
+
 typedef struct _raw_image {
         int width;
         int height;