diff options
-rw-r--r-- | src/xmldsig.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/src/xmldsig.c b/src/xmldsig.c index 0664c485..db33058e 100644 --- a/src/xmldsig.c +++ b/src/xmldsig.c @@ -913,6 +913,10 @@ xmlSecHexToInt(char a) static int xmlSecDecodeCmp(const xmlChar* encoded, const xmlChar* plain) { + + xmlSecAssert2(encoded != NULL, -1); + xmlSecAssert2(plain != NULL, -1); + while(*plain != NULL) { if(*encoded == NULL) return(-1); @@ -966,6 +970,16 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen int isInProxy = 0; if(dsigCtx->proxyCtxPtr != NULL) { xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI); + if(refUri == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, + "node=%s", + xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); + return(-1); + } + xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, @@ -974,7 +988,6 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen refUri); xmlSecProxyCtxPtr pc = dsigCtx->proxyCtxPtr; - int uriLen = strlen((const char*)refUri); while(pc != NULL) { if(xmlSecDecodeCmp(refUri, pc->cache) == 0) { isInProxy = 1; |