/pidgin/main: 68d6df7dc69c: msn: Fix fault handling NUL-pointer ...
Daniel Atallah
datallah at pidgin.im
Tue Jan 28 10:38:08 EST 2014
Changeset: 68d6df7dc69c1b62c01fae2390c00f3639542793
Author: Daniel Atallah <datallah at pidgin.im>
Date: 2013-03-16 14:17 -0400
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/68d6df7dc69c
Description:
msn: Fix fault handling NUL-pointer derefs
diffstat:
libpurple/protocols/msn/oim.c | 35 ++++++++++++++++++-----------------
libpurple/protocols/msn/soap.c | 12 ++++++++----
2 files changed, 26 insertions(+), 21 deletions(-)
diffs (97 lines):
diff --git a/libpurple/protocols/msn/oim.c b/libpurple/protocols/msn/oim.c
--- a/libpurple/protocols/msn/oim.c
+++ b/libpurple/protocols/msn/oim.c
@@ -362,11 +362,12 @@ msn_oim_send_read_cb(MsnSoapMessage *req
if (faultcode) {
char *faultcode_str = xmlnode_get_data(faultcode);
- if (g_str_equal(faultcode_str, "q0:AuthenticationFailed")) {
+ if (faultcode_str && g_str_equal(faultcode_str, "q0:AuthenticationFailed")) {
xmlnode *challengeNode = xmlnode_get_child(faultNode,
"detail/LockKeyChallenge");
+ char *challenge = NULL;
- if (challengeNode == NULL) {
+ if (challengeNode == NULL || (challenge = xmlnode_get_data(challengeNode)) == NULL) {
if (oim->challenge) {
g_free(oim->challenge);
oim->challenge = NULL;
@@ -384,7 +385,6 @@ msn_oim_send_read_cb(MsnSoapMessage *req
} else {
char buf[33];
- char *challenge = xmlnode_get_data(challengeNode);
msn_handle_chl(challenge, buf);
g_free(oim->challenge);
@@ -400,22 +400,23 @@ msn_oim_send_read_cb(MsnSoapMessage *req
}
} else {
/* Report the error */
- const char *str_reason;
+ const char *str_reason = NULL;
- if (g_str_equal(faultcode_str, "q0:SystemUnavailable")) {
- str_reason = _("Message was not sent because the system is "
- "unavailable. This normally happens when the "
- "user is blocked or does not exist.");
+ if (faultcode_str) {
+ if (g_str_equal(faultcode_str, "q0:SystemUnavailable")) {
+ str_reason = _("Message was not sent because the system is "
+ "unavailable. This normally happens when the "
+ "user is blocked or does not exist.");
+ } else if (g_str_equal(faultcode_str, "q0:SenderThrottleLimitExceeded")) {
+ str_reason = _("Message was not sent because messages "
+ "are being sent too quickly.");
+ } else if (g_str_equal(faultcode_str, "q0:InvalidContent")) {
+ str_reason = _("Message was not sent because an unknown "
+ "encoding error occurred.");
+ }
+ }
- } else if (g_str_equal(faultcode_str, "q0:SenderThrottleLimitExceeded")) {
- str_reason = _("Message was not sent because messages "
- "are being sent too quickly.");
-
- } else if (g_str_equal(faultcode_str, "q0:InvalidContent")) {
- str_reason = _("Message was not sent because an unknown "
- "encoding error occurred.");
-
- } else {
+ if (str_reason == NULL) {
str_reason = _("Message was not sent because an unknown "
"error occurred.");
}
diff --git a/libpurple/protocols/msn/soap.c b/libpurple/protocols/msn/soap.c
--- a/libpurple/protocols/msn/soap.c
+++ b/libpurple/protocols/msn/soap.c
@@ -304,21 +304,25 @@ msn_soap_handle_body(MsnSoapConnection *
if (faultcode != NULL) {
char *faultdata = xmlnode_get_data(faultcode);
- if (g_str_equal(faultdata, "psf:Redirect")) {
+ if (faultdata && g_str_equal(faultdata, "psf:Redirect")) {
xmlnode *url = xmlnode_get_child(fault, "redirectUrl");
if (url) {
char *urldata = xmlnode_get_data(url);
- msn_soap_handle_redirect(conn, urldata);
+ if (urldata)
+ msn_soap_handle_redirect(conn, urldata);
g_free(urldata);
}
g_free(faultdata);
msn_soap_message_destroy(response);
return TRUE;
- } else if (g_str_equal(faultdata, "wsse:FailedAuthentication")) {
+ } else if (faultdata && g_str_equal(faultdata, "wsse:FailedAuthentication")) {
xmlnode *reason = xmlnode_get_child(fault, "faultstring");
- char *reasondata = xmlnode_get_data(reason);
+ char *reasondata = NULL;
+
+ if (reason)
+ reasondata = xmlnode_get_data(reason);
msn_soap_connection_sanitize(conn, TRUE);
msn_session_set_error(conn->session, MSN_ERROR_AUTH,
More information about the Commits
mailing list