Mercurial > pidgin
comparison libpurple/protocols/jabber/jingle/session.c @ 32380:231c9635b82a
Fix crashes and memory leaks when receiving malformed voice
and video requests. Thanks to Thijs Alkemade for reporting this!
| author | Mark Doliner <mark@kingant.net> |
|---|---|
| date | Tue, 06 Dec 2011 07:06:01 +0000 |
| parents | c9da7f5fbd0e |
| children |
comparison
equal
deleted
inserted
replaced
| 32379:76b7754ba906 | 32380:231c9635b82a |
|---|---|
| 286 | 286 |
| 287 /* insert it into the hash table */ | 287 /* insert it into the hash table */ |
| 288 if (!js->sessions) { | 288 if (!js->sessions) { |
| 289 purple_debug_info("jingle", | 289 purple_debug_info("jingle", |
| 290 "Creating hash table for sessions\n"); | 290 "Creating hash table for sessions\n"); |
| 291 js->sessions = g_hash_table_new(g_str_hash, g_str_equal); | 291 js->sessions = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, NULL); |
| 292 } | 292 } |
| 293 purple_debug_info("jingle", | 293 purple_debug_info("jingle", |
| 294 "inserting session with key: %s into table\n", sid); | 294 "inserting session with key: %s into table\n", sid); |
| 295 g_hash_table_insert(js->sessions, g_strdup(sid), session); | 295 g_hash_table_insert(js->sessions, g_strdup(sid), session); |
| 296 | 296 |
| 409 xmlnode *jingle = iq ? | 409 xmlnode *jingle = iq ? |
| 410 xmlnode_new_child(iq->node, "jingle") : | 410 xmlnode_new_child(iq->node, "jingle") : |
| 411 xmlnode_new("jingle"); | 411 xmlnode_new("jingle"); |
| 412 gchar *local_jid = jingle_session_get_local_jid(session); | 412 gchar *local_jid = jingle_session_get_local_jid(session); |
| 413 gchar *remote_jid = jingle_session_get_remote_jid(session); | 413 gchar *remote_jid = jingle_session_get_remote_jid(session); |
| 414 gchar *sid = jingle_session_get_sid(session); | |
| 414 | 415 |
| 415 xmlnode_set_namespace(jingle, JINGLE); | 416 xmlnode_set_namespace(jingle, JINGLE); |
| 416 xmlnode_set_attrib(jingle, "action", jingle_get_action_name(action)); | 417 xmlnode_set_attrib(jingle, "action", jingle_get_action_name(action)); |
| 417 | 418 |
| 418 if (jingle_session_is_initiator(session)) { | 419 if (jingle_session_is_initiator(session)) { |
| 419 xmlnode_set_attrib(jingle, "initiator", | 420 xmlnode_set_attrib(jingle, "initiator", local_jid); |
| 420 jingle_session_get_local_jid(session)); | 421 xmlnode_set_attrib(jingle, "responder", remote_jid); |
| 421 xmlnode_set_attrib(jingle, "responder", | |
| 422 jingle_session_get_remote_jid(session)); | |
| 423 } else { | 422 } else { |
| 424 xmlnode_set_attrib(jingle, "initiator", | 423 xmlnode_set_attrib(jingle, "initiator", remote_jid); |
| 425 jingle_session_get_remote_jid(session)); | 424 xmlnode_set_attrib(jingle, "responder", local_jid); |
| 426 xmlnode_set_attrib(jingle, "responder", | 425 } |
| 427 jingle_session_get_local_jid(session)); | 426 |
| 428 } | 427 xmlnode_set_attrib(jingle, "sid", sid); |
| 429 | 428 |
| 430 g_free(local_jid); | 429 g_free(local_jid); |
| 431 g_free(remote_jid); | 430 g_free(remote_jid); |
| 432 | 431 g_free(sid); |
| 433 xmlnode_set_attrib(jingle, "sid", jingle_session_get_sid(session)); | |
| 434 | 432 |
| 435 return jingle; | 433 return jingle; |
| 436 } | 434 } |
| 437 | 435 |
| 438 JabberIq * | 436 JabberIq * |
| 506 } | 504 } |
| 507 | 505 |
| 508 JingleContent * | 506 JingleContent * |
| 509 jingle_session_find_content(JingleSession *session, const gchar *name, const gchar *creator) | 507 jingle_session_find_content(JingleSession *session, const gchar *name, const gchar *creator) |
| 510 { | 508 { |
| 511 GList *iter = session->priv->contents; | 509 GList *iter; |
| 510 | |
| 511 if (name == NULL) | |
| 512 return NULL; | |
| 513 | |
| 514 iter = session->priv->contents; | |
| 512 for (; iter; iter = g_list_next(iter)) { | 515 for (; iter; iter = g_list_next(iter)) { |
| 513 JingleContent *content = iter->data; | 516 JingleContent *content = iter->data; |
| 514 gchar *cname = jingle_content_get_name(content); | 517 gchar *cname = jingle_content_get_name(content); |
| 515 gboolean result = !strcmp(name, cname); | 518 gboolean result = g_str_equal(name, cname); |
| 516 g_free(cname); | 519 g_free(cname); |
| 517 | 520 |
| 518 if (creator != NULL) { | 521 if (creator != NULL) { |
| 519 gchar *ccreator = jingle_content_get_creator(content); | 522 gchar *ccreator = jingle_content_get_creator(content); |
| 520 result = (result && !strcmp(creator, ccreator)); | 523 result = (result && !strcmp(creator, ccreator)); |
| 528 } | 531 } |
| 529 | 532 |
| 530 JingleContent * | 533 JingleContent * |
| 531 jingle_session_find_pending_content(JingleSession *session, const gchar *name, const gchar *creator) | 534 jingle_session_find_pending_content(JingleSession *session, const gchar *name, const gchar *creator) |
| 532 { | 535 { |
| 533 GList *iter = session->priv->pending_contents; | 536 GList *iter; |
| 537 | |
| 538 if (name == NULL) | |
| 539 return NULL; | |
| 540 | |
| 541 iter = session->priv->pending_contents; | |
| 534 for (; iter; iter = g_list_next(iter)) { | 542 for (; iter; iter = g_list_next(iter)) { |
| 535 JingleContent *content = iter->data; | 543 JingleContent *content = iter->data; |
| 536 gchar *cname = jingle_content_get_name(content); | 544 gchar *cname = jingle_content_get_name(content); |
| 537 gboolean result = !strcmp(name, cname); | 545 gboolean result = g_str_equal(name, cname); |
| 538 g_free(cname); | 546 g_free(cname); |
| 539 | 547 |
| 540 if (creator != NULL) { | 548 if (creator != NULL) { |
| 541 gchar *ccreator = jingle_content_get_creator(content); | 549 gchar *ccreator = jingle_content_get_creator(content); |
| 542 result = (result && !strcmp(creator, ccreator)); | 550 result = (result && !strcmp(creator, ccreator)); |