diff options
| author | Frederic Peters <fpeters@entrouvert.com> | 2006-12-28 17:32:40 +0000 |
|---|---|---|
| committer | Frederic Peters <fpeters@entrouvert.com> | 2006-12-28 17:32:40 +0000 |
| commit | 1e77c84d5dccc4326995ca923c03f1ae5dce0256 (patch) | |
| tree | 0096fa72fa917176235723df84e03ad5e866d991 | |
| parent | c86d99e9e09ce219c869e01ec7430cbd6e779a80 (diff) | |
extra checking for wrong or NULL parameters
| -rw-r--r-- | lasso/saml-2.0/ecp.c | 11 | ||||
| -rw-r--r-- | lasso/saml-2.0/name_id_management.c | 31 |
2 files changed, 33 insertions, 9 deletions
diff --git a/lasso/saml-2.0/ecp.c b/lasso/saml-2.0/ecp.c index 8f6e9dfc..d6174ed6 100644 --- a/lasso/saml-2.0/ecp.c +++ b/lasso/saml-2.0/ecp.c @@ -49,7 +49,7 @@ void lasso_ecp_destroy(LassoEcp *ecp) { - g_object_unref(G_OBJECT(ecp)); + lasso_node_destroy(LASSO_NODE(ecp)); } /*****************************************************************************/ @@ -125,11 +125,11 @@ lasso_ecp_process_authn_request_msg(LassoEcp *ecp, const char *authn_request_msg LassoProfile *profile; LassoProvider *remote_provider; + g_return_val_if_fail(LASSO_IS_ECP(ecp), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); + g_return_val_if_fail(authn_request_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); + profile = LASSO_PROFILE(ecp); - if (authn_request_msg == NULL) { - return critical_error(LASSO_PROFILE_ERROR_MISSING_REQUEST); - } doc = xmlParseMemory(authn_request_msg, strlen(authn_request_msg)); xpathCtx = xmlXPathNewContext(doc); @@ -194,6 +194,9 @@ lasso_ecp_process_response_msg(LassoEcp *ecp, const char *response_msg) xmlCharEncodingHandler *handler; xmlNs *soap_env_ns, *ecp_ns; + g_return_val_if_fail(LASSO_IS_ECP(ecp), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); + g_return_val_if_fail(response_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); + doc = xmlParseMemory(response_msg, strlen(response_msg)); xpathCtx = xmlXPathNewContext(doc); xmlXPathRegisterNs(xpathCtx, (xmlChar*)"s", (xmlChar*)LASSO_SOAP_ENV_HREF); diff --git a/lasso/saml-2.0/name_id_management.c b/lasso/saml-2.0/name_id_management.c index 9e5862c6..43cb2966 100644 --- a/lasso/saml-2.0/name_id_management.c +++ b/lasso/saml-2.0/name_id_management.c @@ -186,7 +186,7 @@ gint lasso_name_id_management_process_request_msg(LassoNameIdManagement *name_id_management, char *request_msg) { - LassoProfile *profile = LASSO_PROFILE(name_id_management); + LassoProfile *profile; LassoProvider *remote_provider; LassoMessageFormat format; LassoSaml2NameID *name_id; @@ -194,6 +194,10 @@ lasso_name_id_management_process_request_msg(LassoNameIdManagement *name_id_mana LassoSaml2EncryptedElement* encrypted_element = NULL; xmlSecKey *encryption_private_key = NULL; + g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management), + LASSO_PARAM_ERROR_INVALID_VALUE); + + profile = LASSO_PROFILE(name_id_management); profile->request = lasso_samlp2_manage_name_id_request_new(); format = lasso_node_init_from_message(LASSO_NODE(profile->request), request_msg); if (format == LASSO_MESSAGE_FORMAT_UNKNOWN || format == LASSO_MESSAGE_FORMAT_ERROR) { @@ -250,12 +254,16 @@ lasso_name_id_management_process_request_msg(LassoNameIdManagement *name_id_mana int lasso_name_id_management_validate_request(LassoNameIdManagement *name_id_management) { - LassoProfile *profile = LASSO_PROFILE(name_id_management); + LassoProfile *profile; LassoProvider *remote_provider; LassoFederation *federation; LassoSamlp2StatusResponse *response; LassoSaml2NameID *name_id; + g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management), + LASSO_PARAM_ERROR_INVALID_VALUE); + profile = LASSO_PROFILE(name_id_management); + if (LASSO_IS_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request) == FALSE) return LASSO_PROFILE_ERROR_MISSING_REQUEST; @@ -366,11 +374,15 @@ lasso_name_id_management_validate_request(LassoNameIdManagement *name_id_managem int lasso_name_id_management_build_response_msg(LassoNameIdManagement *name_id_management) { - LassoProfile *profile = LASSO_PROFILE(name_id_management); + LassoProfile *profile; LassoSamlp2StatusResponse *response; LassoProvider *provider; char *url, *query; + g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management), + LASSO_PARAM_ERROR_INVALID_VALUE); + profile = LASSO_PROFILE(name_id_management); + if (profile->response == NULL) { /* no response set here means request denied */ profile->response = lasso_samlp2_manage_name_id_response_new(); @@ -449,7 +461,7 @@ lasso_name_id_management_process_response_msg( LassoNameIdManagement *name_id_management, gchar *response_msg) { - LassoProfile *profile = LASSO_PROFILE(name_id_management); + LassoProfile *profile; LassoHttpMethod response_method; LassoProvider *remote_provider; LassoSamlp2StatusResponse *response; @@ -457,6 +469,12 @@ lasso_name_id_management_process_response_msg( char *status_code_value; int rc; + g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management), + LASSO_PARAM_ERROR_INVALID_VALUE); + g_return_val_if_fail(response_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE); + + profile = LASSO_PROFILE(name_id_management); + if (LASSO_IS_SAMLP2_MANAGE_NAME_ID_RESPONSE(profile->response) == TRUE) { lasso_node_destroy(profile->response); profile->response = NULL; @@ -683,7 +701,7 @@ lasso_name_id_management_new(LassoServer *server) void lasso_name_id_management_destroy(LassoNameIdManagement *name_id_management) { - g_object_unref(G_OBJECT(name_id_management)); + lasso_node_destroy(LASSO_NODE(name_id_management)); } /** @@ -701,6 +719,9 @@ lasso_name_id_management_new_from_dump(LassoServer *server, const char *dump) LassoNameIdManagement *name_id_management; xmlDoc *doc; + if (dump == NULL) + return NULL; + name_id_management = lasso_name_id_management_new(g_object_ref(server)); doc = xmlParseMemory(dump, strlen(dump)); init_from_xml(LASSO_NODE(name_id_management), xmlDocGetRootElement(doc)); |