changeset
msn: Fix fault handling NUL-pointer derefs
Sat, 16 Mar 2013 14:17:45 -0400
- author
- Daniel Atallah <datallah@pidgin.im>
- date
- Sat, 16 Mar 2013 14:17:45 -0400
- branch
- release-2.x.y
- changeset 35203
- 68d6df7dc69c
- parent 35202
- ef836278304b
- child 35204
- cd529e1158d3
msn: Fix fault handling NUL-pointer derefs
| libpurple/protocols/msn/oim.c | file | annotate | diff | comparison | revisions | |
| libpurple/protocols/msn/soap.c | file | annotate | diff | comparison | revisions |
--- a/libpurple/protocols/msn/oim.c Sat Mar 16 14:17:45 2013 -0400 +++ b/libpurple/protocols/msn/oim.c Sat Mar 16 14:17:45 2013 -0400 @@ -362,11 +362,12 @@ if (faultcode) { char *faultcode_str = xmlnode_get_data(faultcode); - if (g_str_equal(faultcode_str, "q0:AuthenticationFailed")) { + if (faultcode_str && g_str_equal(faultcode_str, "q0:AuthenticationFailed")) { xmlnode *challengeNode = xmlnode_get_child(faultNode, "detail/LockKeyChallenge"); + char *challenge = NULL; - if (challengeNode == NULL) { + if (challengeNode == NULL || (challenge = xmlnode_get_data(challengeNode)) == NULL) { if (oim->challenge) { g_free(oim->challenge); oim->challenge = NULL; @@ -384,7 +385,6 @@ } else { char buf[33]; - char *challenge = xmlnode_get_data(challengeNode); msn_handle_chl(challenge, buf); g_free(oim->challenge); @@ -400,22 +400,23 @@ } } else { /* Report the error */ - const char *str_reason; - - if (g_str_equal(faultcode_str, "q0:SystemUnavailable")) { - str_reason = _("Message was not sent because the system is " - "unavailable. This normally happens when the " - "user is blocked or does not exist."); + const char *str_reason = NULL; - } else if (g_str_equal(faultcode_str, "q0:SenderThrottleLimitExceeded")) { - str_reason = _("Message was not sent because messages " - "are being sent too quickly."); + if (faultcode_str) { + if (g_str_equal(faultcode_str, "q0:SystemUnavailable")) { + str_reason = _("Message was not sent because the system is " + "unavailable. This normally happens when the " + "user is blocked or does not exist."); + } else if (g_str_equal(faultcode_str, "q0:SenderThrottleLimitExceeded")) { + str_reason = _("Message was not sent because messages " + "are being sent too quickly."); + } else if (g_str_equal(faultcode_str, "q0:InvalidContent")) { + str_reason = _("Message was not sent because an unknown " + "encoding error occurred."); + } + } - } else if (g_str_equal(faultcode_str, "q0:InvalidContent")) { - str_reason = _("Message was not sent because an unknown " - "encoding error occurred."); - - } else { + if (str_reason == NULL) { str_reason = _("Message was not sent because an unknown " "error occurred."); }
--- a/libpurple/protocols/msn/soap.c Sat Mar 16 14:17:45 2013 -0400 +++ b/libpurple/protocols/msn/soap.c Sat Mar 16 14:17:45 2013 -0400 @@ -304,21 +304,25 @@ if (faultcode != NULL) { char *faultdata = xmlnode_get_data(faultcode); - if (g_str_equal(faultdata, "psf:Redirect")) { + if (faultdata && g_str_equal(faultdata, "psf:Redirect")) { xmlnode *url = xmlnode_get_child(fault, "redirectUrl"); if (url) { char *urldata = xmlnode_get_data(url); - msn_soap_handle_redirect(conn, urldata); + if (urldata) + msn_soap_handle_redirect(conn, urldata); g_free(urldata); } g_free(faultdata); msn_soap_message_destroy(response); return TRUE; - } else if (g_str_equal(faultdata, "wsse:FailedAuthentication")) { + } else if (faultdata && g_str_equal(faultdata, "wsse:FailedAuthentication")) { xmlnode *reason = xmlnode_get_child(fault, "faultstring"); - char *reasondata = xmlnode_get_data(reason); + char *reasondata = NULL; + + if (reason) + reasondata = xmlnode_get_data(reason); msn_soap_connection_sanitize(conn, TRUE); msn_session_set_error(conn->session, MSN_ERROR_AUTH,
