[ID-FFv1.2] make lasso_login_process_authn_request_msg() return LASSO_PROFILE_ERROR_INVALID_MSG if received request is not a lib:AuthnRequest

author: Benjamin Dauvergne <bdauvergne@entrouvert.com> 2010-10-06 10:39:18 +0200
committer: Benjamin Dauvergne <bdauvergne@entrouvert.com> 2010-10-06 17:00:52 +0200
commit: 58a3868361ba63d51d5c0f802d3b7d2a9a8ae376 (patch)
tree: 1093cafd177f4f43565faba74c2a28dc406c2733 /lasso
parent: 7a27400a87380e3f4262a71946ffc5d17c464c2d (diff)
download: lasso-58a3868361ba63d51d5c0f802d3b7d2a9a8ae376.tar.gz
lasso-58a3868361ba63d51d5c0f802d3b7d2a9a8ae376.tar.xz
lasso-58a3868361ba63d51d5c0f802d3b7d2a9a8ae376.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c
index 20973941..2cb6cf30 100644
--- a/lasso/id-ff/login.c
+++ b/lasso/id-ff/login.c
@@ -2030,7 +2030,11 @@ lasso_login_process_authn_request_msg(LassoLogin *login, const char *authn_reque
 			return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG);
 		}
 
-		lasso_assign_new_gobject(profile->request, LASSO_NODE(request));
+		lasso_assign_new_gobject(profile->request, request);
+		if (! LASSO_IS_LIB_AUTHN_REQUEST(profile->request)) {
+			lasso_release_gobject(profile->request);
+			return LASSO_PROFILE_ERROR_INVALID_MSG;
+		}
 
 		/* get remote ProviderID */
 		lasso_assign_string(profile->remote_providerID,
author	Benjamin Dauvergne <bdauvergne@entrouvert.com>	2010-10-06 10:39:18 +0200
committer	Benjamin Dauvergne <bdauvergne@entrouvert.com>	2010-10-06 17:00:52 +0200
commit	58a3868361ba63d51d5c0f802d3b7d2a9a8ae376 (patch)
tree	1093cafd177f4f43565faba74c2a28dc406c2733 /lasso
parent	7a27400a87380e3f4262a71946ffc5d17c464c2d (diff)
download	lasso-58a3868361ba63d51d5c0f802d3b7d2a9a8ae376.tar.gz lasso-58a3868361ba63d51d5c0f802d3b7d2a9a8ae376.tar.xz lasso-58a3868361ba63d51d5c0f802d3b7d2a9a8ae376.zip