msn: Fix fault handling NUL-pointer derefs release-2.x.y
authorDaniel Atallah <datallah@pidgin.im>
Sat, 16 Mar 2013 14:17:45 -0400
branchrelease-2.x.y
changeset68d6df7dc69c pushlog
parent ef836278304b
child cd529e1158d3
msn: Fix fault handling NUL-pointer derefs
libpurple/protocols/msn/oim.c
libpurple/protocols/msn/soap.c
     1.1 --- a/libpurple/protocols/msn/oim.c
     1.2 +++ b/libpurple/protocols/msn/oim.c
     1.3 @@ -362,11 +362,12 @@
     1.4  			if (faultcode) {
     1.5  				char *faultcode_str = xmlnode_get_data(faultcode);
     1.6  
     1.7 -				if (g_str_equal(faultcode_str, "q0:AuthenticationFailed")) {
     1.8 +				if (faultcode_str && g_str_equal(faultcode_str, "q0:AuthenticationFailed")) {
     1.9  					xmlnode *challengeNode = xmlnode_get_child(faultNode,
    1.10  						"detail/LockKeyChallenge");
    1.11 +					char *challenge = NULL;
    1.12  
    1.13 -					if (challengeNode == NULL) {
    1.14 +					if (challengeNode == NULL || (challenge = xmlnode_get_data(challengeNode)) == NULL) {
    1.15  						if (oim->challenge) {
    1.16  							g_free(oim->challenge);
    1.17  							oim->challenge = NULL;
    1.18 @@ -384,7 +385,6 @@
    1.19  					} else {
    1.20  						char buf[33];
    1.21  
    1.22 -						char *challenge = xmlnode_get_data(challengeNode);
    1.23  						msn_handle_chl(challenge, buf);
    1.24  
    1.25  						g_free(oim->challenge);
    1.26 @@ -400,22 +400,23 @@
    1.27  					}
    1.28  				} else {
    1.29  					/* Report the error */
    1.30 -					const char *str_reason;
    1.31 +					const char *str_reason = NULL;
    1.32  
    1.33 -					if (g_str_equal(faultcode_str, "q0:SystemUnavailable")) {
    1.34 -						str_reason = _("Message was not sent because the system is "
    1.35 -						               "unavailable. This normally happens when the "
    1.36 -						               "user is blocked or does not exist.");
    1.37 +					if (faultcode_str) {
    1.38 +						if (g_str_equal(faultcode_str, "q0:SystemUnavailable")) {
    1.39 +							str_reason = _("Message was not sent because the system is "
    1.40 +							               "unavailable. This normally happens when the "
    1.41 +							               "user is blocked or does not exist.");
    1.42 +						} else if (g_str_equal(faultcode_str, "q0:SenderThrottleLimitExceeded")) {
    1.43 +							str_reason = _("Message was not sent because messages "
    1.44 +							               "are being sent too quickly.");
    1.45 +						} else if (g_str_equal(faultcode_str, "q0:InvalidContent")) {
    1.46 +							str_reason = _("Message was not sent because an unknown "
    1.47 +							               "encoding error occurred.");
    1.48 +						}
    1.49 +					}
    1.50  
    1.51 -					} else if (g_str_equal(faultcode_str, "q0:SenderThrottleLimitExceeded")) {
    1.52 -						str_reason = _("Message was not sent because messages "
    1.53 -						               "are being sent too quickly.");
    1.54 -
    1.55 -					} else if (g_str_equal(faultcode_str, "q0:InvalidContent")) {
    1.56 -						str_reason = _("Message was not sent because an unknown "
    1.57 -						               "encoding error occurred.");
    1.58 -
    1.59 -					} else {
    1.60 +					if (str_reason == NULL) {
    1.61  						str_reason = _("Message was not sent because an unknown "
    1.62  						               "error occurred.");
    1.63  					}
     2.1 --- a/libpurple/protocols/msn/soap.c
     2.2 +++ b/libpurple/protocols/msn/soap.c
     2.3 @@ -304,21 +304,25 @@
     2.4  		if (faultcode != NULL) {
     2.5  			char *faultdata = xmlnode_get_data(faultcode);
     2.6  
     2.7 -			if (g_str_equal(faultdata, "psf:Redirect")) {
     2.8 +			if (faultdata && g_str_equal(faultdata, "psf:Redirect")) {
     2.9  				xmlnode *url = xmlnode_get_child(fault, "redirectUrl");
    2.10  
    2.11  				if (url) {
    2.12  					char *urldata = xmlnode_get_data(url);
    2.13 -					msn_soap_handle_redirect(conn, urldata);
    2.14 +					if (urldata)
    2.15 +						msn_soap_handle_redirect(conn, urldata);
    2.16  					g_free(urldata);
    2.17  				}
    2.18  
    2.19  				g_free(faultdata);
    2.20  				msn_soap_message_destroy(response);
    2.21  				return TRUE;
    2.22 -			} else if (g_str_equal(faultdata, "wsse:FailedAuthentication")) {
    2.23 +			} else if (faultdata && g_str_equal(faultdata, "wsse:FailedAuthentication")) {
    2.24  				xmlnode *reason = xmlnode_get_child(fault, "faultstring");
    2.25 -				char *reasondata = xmlnode_get_data(reason);
    2.26 +				char *reasondata = NULL;
    2.27 +
    2.28 +				if (reason)
    2.29 +					reasondata = xmlnode_get_data(reason);
    2.30  
    2.31  				msn_soap_connection_sanitize(conn, TRUE);
    2.32  				msn_session_set_error(conn->session, MSN_ERROR_AUTH,