Check for missing Destination value.

diff --git a/saml/saml2/binding/impl/SAML2POSTDecoder.cpp b/saml/saml2/binding/impl/SAML2POSTDecoder.cpp
index d3047ed..8595e7e 100644 (file)
--- a/saml/saml2/binding/impl/SAML2POSTDecoder.cpp
+++ b/saml/saml2/binding/impl/SAML2POSTDecoder.cpp
@@ -134,7 +134,7 @@ XMLObject* SAML2POSTDecoder::decode(
         log.error("signed SAML message missing Destination attribute");
         throw BindingException("Signed SAML message missing Destination attribute identifying intended destination.");
     }
-    else if ((delim && strncmp(dest.get(), dest2, delim - dest2)) || (!delim && strcmp(dest.get(),dest2))) {
+    else if (dest.get() && *dest.get() && ((delim && strncmp(dest.get(), dest2, delim - dest2)) || (!delim && strcmp(dest.get(),dest2)))) {
         log.error("POST targeted at (%s), but delivered to (%s)", dest.get(), dest2);
         throw BindingException("SAML message delivered with POST to incorrect server URL.");
     }

diff --git a/saml/saml2/binding/impl/SAML2RedirectDecoder.cpp b/saml/saml2/binding/impl/SAML2RedirectDecoder.cpp
index 4a725bc..a5e599d 100644 (file)
--- a/saml/saml2/binding/impl/SAML2RedirectDecoder.cpp
+++ b/saml/saml2/binding/impl/SAML2RedirectDecoder.cpp
@@ -148,7 +148,7 @@ XMLObject* SAML2RedirectDecoder::decode(
         log.error("signed SAML message missing Destination attribute");
         throw BindingException("Signed SAML message missing Destination attribute identifying intended destination.");
     }
-    else if ((delim && strncmp(dest.get(), dest2, delim - dest2)) || (!delim && strcmp(dest.get(),dest2))) {
+    else if (dest.get() && *dest.get() && ((delim && strncmp(dest.get(), dest2, delim - dest2)) || (!delim && strcmp(dest.get(),dest2)))) {
         log.error("Redirect targeted at (%s), but delivered to (%s)", dest.get(), dest2);
         throw BindingException("SAML message delivered with Redirect to incorrect server URL.");
     }