From e54ba3db5b6a3af66cfc84b9624cf2438c83449b Mon Sep 17 00:00:00 2001
From: Holger Weiss <holger@zedat.fu-berlin.de>
Date: Thu, 6 Oct 2016 23:20:45 +0200
Subject: XEP-0198: Cope with invalid 'from'/'to' attributes

Check whether the 'from' and 'to' attributes are valid before bouncing
or resending a stanza from the stream management queue.  They might be
invalid in certain corner cases.

Thanks to Evgeniy for spotting this.
---
 src/ejabberd_c2s.erl | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'src/ejabberd_c2s.erl')

diff --git a/src/ejabberd_c2s.erl b/src/ejabberd_c2s.erl
index 226c5e0da..6068c85ef 100644
--- a/src/ejabberd_c2s.erl
+++ b/src/ejabberd_c2s.erl
@@ -2998,10 +2998,13 @@ handle_unacked_stanzas(#state{mgmt_state = MgmtState} = StateData, F)
 	  lists:foreach(
 	    fun({_, Time, #xmlel{attrs = Attrs} = El}) ->
 		    From_s = fxml:get_attr_s(<<"from">>, Attrs),
-		    From = jid:from_string(From_s),
 		    To_s = fxml:get_attr_s(<<"to">>, Attrs),
-		    To = jid:from_string(To_s),
-		    F(From, To, El, Time)
+		    case {jid:from_string(From_s), jid:from_string(To_s)} of
+		      {#jid{} = From, #jid{} = To} ->
+			  F(From, To, El, Time);
+		      {_, _} ->
+			  ?DEBUG("Dropping stanza due to invalid JID(s)", [])
+		    end
 	    end, queue:to_list(Queue))
     end;
 handle_unacked_stanzas(_StateData, _F) ->
-- 
cgit v1.2.3