# HG changeset patch
# User Daniel Atallah <daniel.atallah@gmail.com>
# Date 1191972140 0
# Node ID 686a492e2b70d6f6f3a4f3f600f92c2d20cd8702
# Parent  1a44d1a17784796b68cd887ac2a74211ec7d28c9
Protect from a buffer overrun if we get bogus data back from the request API. Fixes CID 331.  There is also a fix to check that the connection returned by the request dialog is still valid before using it.

diff -r 1a44d1a17784 -r 686a492e2b70 libpurple/protocols/jabber/usermood.c
--- a/libpurple/protocols/jabber/usermood.c	Tue Oct 09 23:09:05 2007 +0000
+++ b/libpurple/protocols/jabber/usermood.c	Tue Oct 09 23:22:20 2007 +0000
@@ -26,6 +26,7 @@
 #include <string.h>
 #include "internal.h"
 #include "request.h"
+#include "debug.h"
 
 static const char *moodstrings[] = {
 	"afraid",
@@ -145,9 +146,26 @@
 }
 
 static void do_mood_set_from_fields(PurpleConnection *gc, PurpleRequestFields *fields) {
-	JabberStream *js = gc->proto_data;
-	
-	jabber_mood_set(js, moodstrings[purple_request_fields_get_choice(fields, "mood")], purple_request_fields_get_string(fields, "text"));
+	JabberStream *js;
+	int max_mood_idx;
+	int selected_mood = purple_request_fields_get_choice(fields, "mood");
+
+	if (!PURPLE_CONNECTION_IS_VALID(gc)) {
+		purple_debug_error("jabber", "Unable to set mood; account offline.\n");
+		return;
+	}
+
+	js = gc->proto_data;
+
+	/* This is ugly, but protects us from unexpected values. */
+	for (max_mood_idx = 0; moodstrings[max_mood_idx]; max_mood_idx++);
+
+	if (selected_mood < 0 || selected_mood >= max_mood_idx) {
+		purple_debug_error("jabber", "Invalid mood index (%d) selected.\n", selected_mood);
+		return;
+	}
+
+	jabber_mood_set(js, moodstrings[selected_mood], purple_request_fields_get_string(fields, "text"));
 }
 
 static void do_mood_set_mood(PurplePluginAction *action) {