Mercurial > dovecot > core-2.2

changeset 22231:0cd646579540

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
lib-oauth2: Make sure fields are always initialized
author Aki Tuomi <aki.tuomi@dovecot.fi>
date Tue, 06 Jun 2017 12:47:53 +0300
parents b187ee84347f
children 1a38704403db
files src/lib-oauth2/oauth2-introspect.c src/lib-oauth2/oauth2-refresh.c src/lib-oauth2/oauth2-token-validate.c
diffstat 3 files changed, 5 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/lib-oauth2/oauth2-introspect.c	Tue Jun 06 12:44:55 2017 +0300
+++ b/src/lib-oauth2/oauth2-introspect.c	Tue Jun 06 12:47:53 2017 +0300
@@ -47,6 +47,7 @@
 			oauth2_introspect_continue(req, FALSE, "Missing response body");
 			return;
 		}
+		p_array_init(&req->fields, req->pool, 1);
 		req->is = response->payload;
 		i_stream_ref(req->is);
 		req->parser = json_parser_init(req->is);
--- a/src/lib-oauth2/oauth2-refresh.c	Tue Jun 06 12:44:55 2017 +0300
+++ b/src/lib-oauth2/oauth2-refresh.c	Tue Jun 06 12:47:53 2017 +0300
@@ -87,6 +87,7 @@
 			oauth2_refresh_continue(req, FALSE, "Missing response body");
 			return;
 		}
+		p_array_init(&req->fields, req->pool, 1);
 		req->is = response->payload;
 		i_stream_ref(req->is);
 		req->parser = json_parser_init(req->is);
--- a/src/lib-oauth2/oauth2-token-validate.c	Tue Jun 06 12:44:55 2017 +0300
+++ b/src/lib-oauth2/oauth2-token-validate.c	Tue Jun 06 12:47:53 2017 +0300
@@ -30,6 +30,8 @@
 	struct oauth2_token_validation_result res;
 	i_zero(&res);
 
+	i_assert(array_is_created(&req->fields));
+
 	res.success = success;
 	res.error = error;
 	res.valid = req->valid;
@@ -69,9 +71,9 @@
 			req->valid = TRUE;
 		else
 			req->valid = FALSE;
+		p_array_init(&req->fields, req->pool, 1);
 		/* 2xx is sufficient for token validation */
 		if (response->payload == NULL) {
-			p_array_init(&req->fields, req->pool, 1);
 			oauth2_token_validate_continue(req, TRUE, NULL);
 			return;
 		}