From 6ea197ac3f73c2fb5af5e5a099a2033559bc2131 Mon Sep 17 00:00:00 2001
From: Scott Cantor
Date: Thu, 9 Aug 2007 18:32:34 +0000
Subject: [PATCH] Check for missing Destination value.
---
 saml/saml2/binding/impl/SAML2POSTDecoder.cpp | 2 +-
 saml/saml2/binding/impl/SAML2RedirectDecoder.cpp | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/saml/saml2/binding/impl/SAML2POSTDecoder.cpp b/saml/saml2/binding/impl/SAML2POSTDecoder.cpp
index d3047ed..8595e7e 100644
--- a/saml/saml2/binding/impl/SAML2POSTDecoder.cpp
+++ b/saml/saml2/binding/impl/SAML2POSTDecoder.cpp
@@ -134,7 +134,7 @@ XMLObject* SAML2POSTDecoder::decode(
 log.error("signed SAML message missing Destination attribute");
 throw BindingException("Signed SAML message missing Destination attribute identifying intended destination.");
 }
- else if ((delim && strncmp(dest.get(), dest2, delim - dest2)) || (!delim && strcmp(dest.get(),dest2))) {
+ else if (dest.get() && *dest.get() && ((delim && strncmp(dest.get(), dest2, delim - dest2)) || (!delim && strcmp(dest.get(),dest2)))) {
 log.error("POST targeted at (%s), but delivered to (%s)", dest.get(), dest2);
 throw BindingException("SAML message delivered with POST to incorrect server URL.");
 }
diff --git a/saml/saml2/binding/impl/SAML2RedirectDecoder.cpp b/saml/saml2/binding/impl/SAML2RedirectDecoder.cpp
index 4a725bc..a5e599d 100644
--- a/saml/saml2/binding/impl/SAML2RedirectDecoder.cpp
+++ b/saml/saml2/binding/impl/SAML2RedirectDecoder.cpp
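Review bot: The `delim` branch of the new `else if` in `SAML2POSTDecoder::decode` accepts any Destination that merely begins with the delivered URL, because `strncmp(dest.get(), dest2, delim - dest2)` stops after `delim - dest2` characters and never checks that `dest` ends there. `dest2` and `delim` are assigned outside the hunk (the body of `decode` starts and ends beyond it), so this assumes `delim` points at the query-string separator of the request URL; if that holds, a message addressed to a longer endpoint URL sharing this prefix would pass the destination check. Requiring the Destination to terminate at that offset closes the gap: `(delim && (strncmp(dest.get(), dest2, delim - dest2) || dest.get()[delim - dest2]))`. The identical condition in the `SAML2RedirectDecoder::decode` hunk needs the same change. Because the added `dest.get() && *dest.get()` guard now skips the comparison entirely when Destination is absent or empty, a short comment saying that this is intended only for messages the preceding branch did not reject would help later readers see that the fail-open path is deliberate.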
@@ -148,7 +148,7 @@ XMLObject* SAML2RedirectDecoder::decode(
 log.error("signed SAML message missing Destination attribute");
 throw BindingException("Signed SAML message missing Destination attribute identifying intended destination.");
 }
- else if ((delim && strncmp(dest.get(), dest2, delim - dest2)) || (!delim && strcmp(dest.get(),dest2))) {
+ else if (dest.get() && *dest.get() && ((delim && strncmp(dest.get(), dest2, delim - dest2)) || (!delim && strcmp(dest.get(),dest2)))) {
 log.error("Redirect targeted at (%s), but delivered to (%s)", dest.get(), dest2);
 throw BindingException("SAML message delivered with Redirect to incorrect server URL.");
 }
--
2.1.4