From 6779e8e077db4100996a01700418263048febcaf Mon Sep 17 00:00:00 2001 From: Linus Jahn Date: Tue, 21 Feb 2023 14:05:36 +0100 Subject: OmemoManager: Fix deref of nullptr (wrong usage of get_if) My fault. --- src/omemo/QXmppOmemoManager_p.cpp | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/omemo/QXmppOmemoManager_p.cpp b/src/omemo/QXmppOmemoManager_p.cpp index 485ef7b4..c6668e19 100644 --- a/src/omemo/QXmppOmemoManager_p.cpp +++ b/src/omemo/QXmppOmemoManager_p.cpp @@ -632,14 +632,17 @@ QXmppTask ManagerPrivate::setUpDeviceId() // 2. There is an empty PubSub node for device bundles: XEP-0030 states that a server must // respond with a node without included items. auto error = std::get_if(&result); - if (auto stanzaErr = error->value()) { - // allow Cancel|ItemNotFound here - if (!(stanzaErr->type() == Error::Cancel && stanzaErr->condition() == Error::ItemNotFound)) { - warning("Existing / Published device IDs could not be retrieved: " % errorToString(*error)); + if (error) { + if (auto stanzaErr = error->value()) { + // allow Cancel|ItemNotFound here + if (!(stanzaErr->type() == Error::Cancel && stanzaErr->condition() == Error::ItemNotFound)) { + warning("Existing / Published device IDs could not be retrieved: " % errorToString(*error)); + return false; + } + // do not return here + } else { return false; } - } else { - return false; } // The first generated device ID can be used if no device bundle node exists. -- cgit v1.2.3 From 79e684bad566a56c17c1cc270e90b0bfb9de28f2 Mon Sep 17 00:00:00 2001 From: Vladimir Pankratov Date: Sat, 18 Feb 2023 15:54:36 +0500 Subject: According to RFC 5389, nonce (STUN attribute) should be padded --- src/base/QXmppStun.cpp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'src') diff --git a/src/base/QXmppStun.cpp b/src/base/QXmppStun.cpp index 8a7e61c3..9a2b3932 100644 --- a/src/base/QXmppStun.cpp +++ b/src/base/QXmppStun.cpp @@ -916,6 +916,10 @@ QByteArray QXmppStunMessage::encode(const QByteArray &key, bool addFingerprint) stream << quint16(Nonce); stream << quint16(m_nonce.size()); stream.writeRawData(m_nonce.data(), m_nonce.size()); + if (m_nonce.size() % 4) { + const QByteArray padding(4 - (m_nonce.size() % 4), 0); + stream.writeRawData(padding.data(), padding.size()); + } } // REALM -- cgit v1.2.3 From 7123da8b3856c53cf83ae56e33146b3d698b6792 Mon Sep 17 00:00:00 2001 From: Linus Jahn Date: Thu, 23 Feb 2023 12:18:04 +0100 Subject: FileSharingManager: Fix UB because of use after move Fixes #538. --- src/client/QXmppFileSharingManager.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/client/QXmppFileSharingManager.cpp b/src/client/QXmppFileSharingManager.cpp index f86a1a19..87f8dc05 100644 --- a/src/client/QXmppFileSharingManager.cpp +++ b/src/client/QXmppFileSharingManager.cpp @@ -569,7 +569,7 @@ std::shared_ptr QXmppFileSharingManager::downloadFile( std::move(file), transform(download->d->hashes, [](auto hash) { return hash; })); - await(download->d->hashesFuture, this, [download = std::move(download)](HashVerificationResultPtr hashResult) { + await(download->d->hashesFuture, this, [download](HashVerificationResultPtr hashResult) { auto convert = overloaded { [](HashVerificationResult::NoStrongHashes) { return QXmppFileDownload::Downloaded { -- cgit v1.2.3