Commit 809cc404 authored by Sylvain Berfini's avatar Sylvain Berfini 🐮
Browse files

Fixed crash if file-authTag or file-key is empty in file transfer content

parent 7c23abce
...@@ -584,37 +584,41 @@ static void fillFileTransferContentInformationsFromVndGsmaRcsFtHttpXml (FileTran ...@@ -584,37 +584,41 @@ static void fillFileTransferContentInformationsFromVndGsmaRcsFtHttpXml (FileTran
// There is a key in the msg: file has been encrypted. // There is a key in the msg: file has been encrypted.
// Convert the key from base 64. // Convert the key from base 64.
xmlChar *keyb64 = xmlNodeListGetString(xmlMessageBody, cur->xmlChildrenNode, 1); xmlChar *keyb64 = xmlNodeListGetString(xmlMessageBody, cur->xmlChildrenNode, 1);
size_t keyb64Length = strlen(reinterpret_cast<char *>(keyb64)); if (keyb64) {
size_t keyb64Length = strlen(reinterpret_cast<char *>(keyb64));
size_t keyLength; size_t keyLength;
bctbx_base64_decode(nullptr, &keyLength, keyb64, keyb64Length); bctbx_base64_decode(nullptr, &keyLength, keyb64, keyb64Length);
uint8_t *keyBuffer = static_cast<uint8_t *>(malloc(keyLength + 1)); uint8_t *keyBuffer = static_cast<uint8_t *>(malloc(keyLength + 1));
// Decode the key into local key buffer. // Decode the key into local key buffer.
bctbx_base64_decode(keyBuffer, &keyLength, keyb64, keyb64Length); bctbx_base64_decode(keyBuffer, &keyLength, keyb64, keyb64Length);
keyBuffer[keyLength] = '\0'; keyBuffer[keyLength] = '\0';
fileTransferContent->setFileKey(reinterpret_cast<char *>(keyBuffer), keyLength); fileTransferContent->setFileKey(reinterpret_cast<char *>(keyBuffer), keyLength);
xmlFree(keyb64); xmlFree(keyb64);
free(keyBuffer); free(keyBuffer);
}
} }
if (!xmlStrcmp(cur->name, (const xmlChar *)"file-authTag")) { if (!xmlStrcmp(cur->name, (const xmlChar *)"file-authTag")) {
// There is authentication tag in the msg: file has been encrypted. // There is authentication tag in the msg: file has been encrypted.
// Convert the tag from base 64. // Convert the tag from base 64.
xmlChar *authTagb64 = xmlNodeListGetString(xmlMessageBody, cur->xmlChildrenNode, 1); xmlChar *authTagb64 = xmlNodeListGetString(xmlMessageBody, cur->xmlChildrenNode, 1);
size_t authTagb64Length = strlen(reinterpret_cast<char *>(authTagb64)); if (authTagb64) {
size_t authTagb64Length = strlen(reinterpret_cast<char *>(authTagb64));
size_t authTagLength; size_t authTagLength;
bctbx_base64_decode(nullptr, &authTagLength, authTagb64, authTagb64Length); bctbx_base64_decode(nullptr, &authTagLength, authTagb64, authTagb64Length);
uint8_t *authTagBuffer = static_cast<uint8_t *>(malloc(authTagLength + 1)); uint8_t *authTagBuffer = static_cast<uint8_t *>(malloc(authTagLength + 1));
// Decode the authTag into local authTag buffer. // Decode the authTag into local authTag buffer.
bctbx_base64_decode(authTagBuffer, &authTagLength, authTagb64, authTagb64Length); bctbx_base64_decode(authTagBuffer, &authTagLength, authTagb64, authTagb64Length);
authTagBuffer[authTagLength] = '\0'; authTagBuffer[authTagLength] = '\0';
fileTransferContent->setFileAuthTag(reinterpret_cast<char *>(authTagBuffer), authTagLength); fileTransferContent->setFileAuthTag(reinterpret_cast<char *>(authTagBuffer), authTagLength);
xmlFree(authTagb64); xmlFree(authTagb64);
free(authTagBuffer); free(authTagBuffer);
}
} }
cur = cur->next; cur = cur->next;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment