closed up denial-of-service attack vector (ironically located in an

input verification routine). This could have been used to trivially terminate Inkboard users' sessions (bzr r133)
author: David Yip <yipdw@alumni.rose-hulman.edu> 2006-02-13 18:19:24 +0000
committer: dwyip <dwyip@users.sourceforge.net> 2006-02-13 18:19:24 +0000
commit: 3ce1f5955ed8bac9240bd0bb82d3a31d1582f49c (patch)
tree: 6f1108c0547df5b0da4c731dae826510a6273d65 /src
parent: no longer GC::release(NULL) with defect inx files, fixes #1358999 (diff)
download: inkscape-3ce1f5955ed8bac9240bd0bb82d3a31d1582f49c.tar.gz
inkscape-3ce1f5955ed8bac9240bd0bb82d3a31d1582f49c.zip
1 files changed, 6 insertions, 2 deletions
diff --git a/src/jabber_whiteboard/message-handler.cpp b/src/jabber_whiteboard/message-handler.cpp
index 031ed7348..56c6972de 100644
--- a/src/jabber_whiteboard/message-handler.cpp
+++ b/src/jabber_whiteboard/message-handler.cpp
@@ -159,11 +159,15 @@ MessageHandler::_isValidMessage(LmMessage* message)
 	// such a message.
 	offline = lm_message_node_get_child(root, "x");
 	if (offline != NULL) {
-		if (strcmp(lm_message_node_get_value(offline), "Offline Storage") == 0) {
-			return false;
+		gchar const* val = lm_message_node_get_value(offline);
+		if (val != NULL) {
+			if (strcmp(val, "Offline Storage") == 0) {
+				return false;
+			}
 		}
 	}
 
+
 	// 4.  If this is a regular chat message...
 	msubtype = lm_message_get_sub_type(message);
author	David Yip <yipdw@alumni.rose-hulman.edu>	2006-02-13 18:19:24 +0000
committer	dwyip <dwyip@users.sourceforge.net>	2006-02-13 18:19:24 +0000
commit	3ce1f5955ed8bac9240bd0bb82d3a31d1582f49c (patch)
tree	6f1108c0547df5b0da4c731dae826510a6273d65 /src
parent	no longer GC::release(NULL) with defect inx files, fixes #1358999 (diff)
download	inkscape-3ce1f5955ed8bac9240bd0bb82d3a31d1582f49c.tar.gz inkscape-3ce1f5955ed8bac9240bd0bb82d3a31d1582f49c.zip