diff options
| author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-12-17 17:40:28 +0100 |
|---|---|---|
| committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-12-17 17:40:28 +0100 |
| commit | 126a9ac71c853e230fdd4abe1ca05f77ba56bbac (patch) | |
| tree | 92dba02d77bbae5d82771b92ffd11223da97d60e | |
| parent | 8c289263043f6f3ed0ae17485658a4387964c961 (diff) | |
| download | lasso-126a9ac71c853e230fdd4abe1ca05f77ba56bbac.tar.gz lasso-126a9ac71c853e230fdd4abe1ca05f77ba56bbac.tar.xz lasso-126a9ac71c853e230fdd4abe1ca05f77ba56bbac.zip | |
[samlv2 logout] check that the assertion is well formed before accessing the subject nameid
| -rw-r--r-- | lasso/saml-2.0/logout.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lasso/saml-2.0/logout.c b/lasso/saml-2.0/logout.c index 332c3287..3d8859f0 100644 --- a/lasso/saml-2.0/logout.c +++ b/lasso/saml-2.0/logout.c @@ -83,6 +83,10 @@ lasso_saml20_logout_init_request(LassoLogout *logout, LassoProvider *remote_prov assertion = (LassoSaml2Assertion*)assertion_n; /* Set the NameID */ + goto_cleanup_if_fail_with_rc(assertion->Subject != NULL, + LASSO_PROFILE_ERROR_MISSING_SUBJECT); + goto_cleanup_if_fail_with_rc(assertion->Subject->NameID != NULL, + LASSO_PROFILE_ERROR_MISSING_NAME_IDENTIFIER); lasso_assign_gobject(logout_request->NameID, assertion->Subject->NameID); /* Encrypt NameID */ |