tools: fix segfault in lasso_get_saml_message (fixes #24830)
We reuse the "message" local variable but we should not. Also fix a segfault in lasso_xmltextreader_from_message() when getting the length of "message" before checking if it is NULL or not.
This commit is contained in:
parent
eb6e0e23b4
commit
e29de3160d
|
@ -3056,6 +3056,7 @@ lasso_get_saml_message(xmlChar **query_fields) {
|
|||
int i = 0;
|
||||
char *enc = NULL;
|
||||
char *message = NULL;
|
||||
char *saml_message = NULL;
|
||||
char *decoded_message = NULL;
|
||||
xmlChar *field = NULL;
|
||||
char *t = NULL;
|
||||
|
@ -3096,12 +3097,12 @@ lasso_get_saml_message(xmlChar **query_fields) {
|
|||
goto cleanup;
|
||||
}
|
||||
/* rc contains the length of the result */
|
||||
message = (char*)lasso_inflate((unsigned char*) decoded_message, rc);
|
||||
saml_message = (char*)lasso_inflate((unsigned char*) decoded_message, rc);
|
||||
cleanup:
|
||||
if (decoded_message) {
|
||||
lasso_release(decoded_message);
|
||||
}
|
||||
return message;
|
||||
return saml_message;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -3126,10 +3127,10 @@ lasso_xmltextreader_from_message(const char *message, char **to_free) {
|
|||
if (needle && message[len-1] != '=') {
|
||||
query_fields = lasso_urlencoded_to_strings(message);
|
||||
message = *to_free = lasso_get_saml_message(query_fields);
|
||||
len = strlen(message);
|
||||
if (! message) {
|
||||
goto cleanup;
|
||||
}
|
||||
len = strlen(message);
|
||||
} else { /* POST */
|
||||
int rc = 0;
|
||||
|
||||
|
|
|
@ -2082,7 +2082,7 @@ START_TEST(test15_ds_key_info)
|
|||
}
|
||||
END_TEST
|
||||
|
||||
/* test load federation */
|
||||
/* test get issuer */
|
||||
START_TEST(test16_test_get_issuer)
|
||||
{
|
||||
char *content = NULL;
|
||||
|
@ -2169,6 +2169,12 @@ START_TEST(test16_test_get_issuer)
|
|||
lasso_release_gobject(spLoginContext);
|
||||
lasso_release_gobject(spServerContext);
|
||||
|
||||
begin_check_do_log("Lasso", G_LOG_LEVEL_DEBUG, "could not decode POST SAML message", TRUE);
|
||||
check_null(lasso_profile_get_issuer(""));
|
||||
end_check_do_log("Lasso");
|
||||
begin_check_do_log("Lasso", G_LOG_LEVEL_DEBUG, "message is not base64", TRUE);
|
||||
check_null(lasso_profile_get_issuer("SAMLRequest=!!hello!!"));
|
||||
end_check_do_log("Lasso");
|
||||
}
|
||||
END_TEST
|
||||
|
||||
|
|
Loading…
Reference in New Issue