From 049c65f08c639b8bce39b5861b7fc82fcec669b7 Mon Sep 17 00:00:00 2001
From: Scott Cantor <cantor.2@osu.edu>
Date: Mon, 15 Feb 2010 15:51:42 +0000
Subject: [PATCH] Wrap importNode call in exception handler.

---
 saml/saml2/core/impl/Assertions.cpp | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/saml/saml2/core/impl/Assertions.cpp b/saml/saml2/core/impl/Assertions.cpp
index 794f504..60c6085 100644
--- a/saml/saml2/core/impl/Assertions.cpp
+++ b/saml/saml2/core/impl/Assertions.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2009 Internet2
+ *  Copyright 2001-2010 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -164,7 +164,18 @@ XMLObject* EncryptedElementType::decrypt(const CredentialResolver& credResolver,
         if (plaintext->getNodeType()==DOMNode::ELEMENT_NODE) {
             // Import the tree into a new Document that we can bind to the unmarshalled object.
             XercesJanitor<DOMDocument> newdoc(XMLToolingConfig::getConfig().getParser().newDocument());
-            DOMElement* treecopy = static_cast<DOMElement*>(newdoc->importNode(plaintext, true));
+            DOMElement* treecopy;
+            try {
+                treecopy = static_cast<DOMElement*>(newdoc->importNode(plaintext, true));
+            }
+            catch (XMLException& ex) {
+                frag->release();
+                auto_ptr_char temp(ex.getMessage());
+                throw DecryptionException(
+                    string("Error importing decypted DOM into new document: ") + (temp.get() ? temp.get() : "no message")
+                    );
+            }
+            frag->release();
             newdoc->appendChild(treecopy);
             auto_ptr<XMLObject> ret(XMLObjectBuilder::buildOneFromElement(treecopy, true));
             newdoc.release();
-- 
2.1.4