changeset 1407:b631c8a8b9e7

mod_smacks: Assert that the 'h' attribute is present and a number
author Kim Alvefur <zash@zash.se>
date Wed, 07 May 2014 14:21:33 +0200
parents 7d76dd2310ef
children ed2a9c00b5c4
files mod_smacks/mod_smacks.lua
diffstat 1 files changed, 5 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/mod_smacks/mod_smacks.lua	Wed May 07 14:19:44 2014 +0200
+++ b/mod_smacks/mod_smacks.lua	Wed May 07 14:21:33 2014 +0200
@@ -193,7 +193,11 @@
 	origin.awaiting_ack = nil;
 	-- Remove handled stanzas from outgoing_stanza_queue
 	--log("debug", "ACK: h=%s, last=%s", stanza.attr.h or "", origin.last_acknowledged_stanza or "");
-	local handled_stanza_count = tonumber(stanza.attr.h)-origin.last_acknowledged_stanza;
+	local h = tonumber(stanza.attr.h);
+	if not h then
+		origin:close{ condition = "invalid-xml"; text = "Missing or invalid 'h' attribute"; };
+	end
+	local handled_stanza_count = h-origin.last_acknowledged_stanza;
 	local queue = origin.outgoing_stanza_queue;
 	if handled_stanza_count > #queue then
 		session.log("warn", "The client says it handled %d new stanzas, but we only sent %d :)",