summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to 'Swiften')
-rw-r--r--Swiften/IDN/StringPrep.cpp12
-rw-r--r--Swiften/JID/JID.cpp56
-rw-r--r--Swiften/JID/JID.h3
-rw-r--r--Swiften/JID/UnitTest/JIDTest.cpp7
-rw-r--r--Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp13
5 files changed, 63 insertions, 28 deletions
diff --git a/Swiften/IDN/StringPrep.cpp b/Swiften/IDN/StringPrep.cpp
index 140e130..db09523 100644
--- a/Swiften/IDN/StringPrep.cpp
+++ b/Swiften/IDN/StringPrep.cpp
@@ -43,11 +43,19 @@ using namespace Swift;
namespace Swift {
std::string StringPrep::getPrepared(const std::string& s, Profile profile) {
- return std::string(vecptr(getStringPrepared< std::string, std::vector<char> >(s, profile)));
+ std::vector<char> preparedData = getStringPrepared< std::string, std::vector<char> >(s, profile);
+ if (preparedData.empty()) {
+ throw std::exception();
+ }
+ return std::string(vecptr(preparedData));
}
SafeByteArray StringPrep::getPrepared(const SafeByteArray& s, Profile profile) {
- return createSafeByteArray(reinterpret_cast<const char*>(vecptr(getStringPrepared<SafeByteArray, std::vector<char, SafeAllocator<char> > >(s, profile))));
+ std::vector<char, SafeAllocator<char> > preparedData = getStringPrepared<SafeByteArray, std::vector<char, SafeAllocator<char> > >(s, profile);
+ if (preparedData.empty()) {
+ throw std::exception();
+ }
+ return createSafeByteArray(reinterpret_cast<const char*>(vecptr(preparedData)));
}
}
diff --git a/Swiften/JID/JID.cpp b/Swiften/JID/JID.cpp
index 2ebbdd6..653ac6a 100644
--- a/Swiften/JID/JID.cpp
+++ b/Swiften/JID/JID.cpp
@@ -110,24 +110,25 @@ struct EscapedCharacterFormatter {
};
#endif
-JID::JID(const char* jid) {
+JID::JID(const char* jid) : valid_(true) {
initializeFromString(std::string(jid));
}
-JID::JID(const std::string& jid) {
+JID::JID(const std::string& jid) : valid_(true) {
initializeFromString(jid);
}
-JID::JID(const std::string& node, const std::string& domain) : hasResource_(false) {
+JID::JID(const std::string& node, const std::string& domain) : valid_(true), hasResource_(false) {
nameprepAndSetComponents(node, domain, "");
}
-JID::JID(const std::string& node, const std::string& domain, const std::string& resource) : hasResource_(true) {
+JID::JID(const std::string& node, const std::string& domain, const std::string& resource) : valid_(true), hasResource_(true) {
nameprepAndSetComponents(node, domain, resource);
}
void JID::initializeFromString(const std::string& jid) {
if (String::beginsWith(jid, '@')) {
+ valid_ = false;
return;
}
@@ -153,31 +154,40 @@ void JID::initializeFromString(const std::string& jid) {
void JID::nameprepAndSetComponents(const std::string& node, const std::string& domain, const std::string& resource) {
+ try {
#ifndef SWIFTEN_CACHE_JID_PREP
- node_ = StringPrep::getPrepared(node, StringPrep::NamePrep);
- domain_ = StringPrep::getPrepared(domain, StringPrep::XMPPNodePrep);
- resource_ = StringPrep::getPrepared(resource, StringPrep::XMPPResourcePrep);
+ node_ = StringPrep::getPrepared(node, StringPrep::NamePrep);
+ domain_ = StringPrep::getPrepared(domain, StringPrep::XMPPNodePrep);
+ resource_ = StringPrep::getPrepared(resource, StringPrep::XMPPResourcePrep);
#else
- std::pair<PrepCache::iterator, bool> r;
+ std::pair<PrepCache::iterator, bool> r;
- r = nodePrepCache.insert(std::make_pair(node, std::string()));
- if (r.second) {
- r.first->second = StringPrep::getPrepared(node, StringPrep::NamePrep);
- }
- node_ = r.first->second;
+ r = nodePrepCache.insert(std::make_pair(node, std::string()));
+ if (r.second) {
+ r.first->second = StringPrep::getPrepared(node, StringPrep::NamePrep);
+ }
+ node_ = r.first->second;
- r = domainPrepCache.insert(std::make_pair(domain, std::string()));
- if (r.second) {
- r.first->second = StringPrep::getPrepared(domain, StringPrep::XMPPNodePrep);
- }
- domain_ = r.first->second;
+ r = domainPrepCache.insert(std::make_pair(domain, std::string()));
+ if (r.second) {
+ r.first->second = StringPrep::getPrepared(domain, StringPrep::XMPPNodePrep);
+ }
+ domain_ = r.first->second;
+ if (domain_.empty()) {
+ valid_ = false;
+ return;
+ }
- r = resourcePrepCache.insert(std::make_pair(resource, std::string()));
- if (r.second) {
- r.first->second = StringPrep::getPrepared(resource, StringPrep::XMPPResourcePrep);
- }
- resource_ = r.first->second;
+ r = resourcePrepCache.insert(std::make_pair(resource, std::string()));
+ if (r.second) {
+ r.first->second = StringPrep::getPrepared(resource, StringPrep::XMPPResourcePrep);
+ }
+ resource_ = r.first->second;
#endif
+ }
+ catch (const std::exception&) {
+ valid_ = false;
+ }
}
std::string JID::toString() const {
diff --git a/Swiften/JID/JID.h b/Swiften/JID/JID.h
index 756db98..a4461ba 100644
--- a/Swiften/JID/JID.h
+++ b/Swiften/JID/JID.h
@@ -72,7 +72,7 @@ namespace Swift {
* @return Is a correctly-formatted JID.
*/
bool isValid() const {
- return !domain_.empty(); /* FIXME */
+ return valid_;
}
/**
@@ -162,6 +162,7 @@ namespace Swift {
void initializeFromString(const std::string&);
private:
+ bool valid_;
std::string node_;
std::string domain_;
bool hasResource_;
diff --git a/Swiften/JID/UnitTest/JIDTest.cpp b/Swiften/JID/UnitTest/JIDTest.cpp
index 6f7895a..cd21d03 100644
--- a/Swiften/JID/UnitTest/JIDTest.cpp
+++ b/Swiften/JID/UnitTest/JIDTest.cpp
@@ -23,6 +23,7 @@ class JIDTest : public CppUnit::TestFixture
CPPUNIT_TEST(testConstructorWithString_UpperCaseDomain);
CPPUNIT_TEST(testConstructorWithString_UpperCaseResource);
CPPUNIT_TEST(testConstructorWithString_EmptyNode);
+ CPPUNIT_TEST(testConstructorWithString_IllegalResource);
CPPUNIT_TEST(testConstructorWithStrings);
CPPUNIT_TEST(testIsBare);
CPPUNIT_TEST(testIsBare_NotBare);
@@ -129,6 +130,12 @@ class JIDTest : public CppUnit::TestFixture
CPPUNIT_ASSERT(!testling.isValid());
}
+ void testConstructorWithString_IllegalResource() {
+ JID testling("foo@bar.com/\xd8\xb1\xd9\x85\xd9\x82\xd9\x87\x20\xd8\xaa\xd8\xb1\xd9\x86\xd8\xb3\x20");
+
+ CPPUNIT_ASSERT(!testling.isValid());
+ }
+
void testConstructorWithStrings() {
JID testling("foo", "bar", "baz");
diff --git a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
index 5fa1f05..20b3d8a 100644
--- a/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
+++ b/Swiften/SASL/SCRAMSHA1ClientAuthenticator.cpp
@@ -100,7 +100,11 @@ bool SCRAMSHA1ClientAuthenticator::setChallenge(const boost::optional<ByteArray>
}
// Compute all the values needed for the server signature
- saltedPassword = PBKDF2::encode(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations);
+ try {
+ saltedPassword = PBKDF2::encode(StringPrep::getPrepared(getPassword(), StringPrep::SASLPrep), salt, iterations);
+ }
+ catch (const std::exception&) {
+ }
authMessage = concat(getInitialBareClientMessage(), createByteArray(","), initialServerMessage, createByteArray(","), getFinalMessageWithoutProof());
ByteArray serverKey = HMACSHA1::getResult(saltedPassword, createByteArray("Server Key"));
serverSignature = HMACSHA1::getResult(serverKey, authMessage);
@@ -147,7 +151,12 @@ std::map<char, std::string> SCRAMSHA1ClientAuthenticator::parseMap(const std::st
}
ByteArray SCRAMSHA1ClientAuthenticator::getInitialBareClientMessage() const {
- std::string authenticationID = StringPrep::getPrepared(getAuthenticationID(), StringPrep::SASLPrep);
+ std::string authenticationID;
+ try {
+ authenticationID = StringPrep::getPrepared(getAuthenticationID(), StringPrep::SASLPrep);
+ }
+ catch (const std::exception&) {
+ }
return createByteArray(std::string("n=" + escape(authenticationID) + ",r=" + clientnonce));
}