Skip to content
Snippets Groups Projects
Commit 81fec9ed authored by Andreas Åkre Solberg's avatar Andreas Åkre Solberg
Browse files

Improved error handling when parsing logout messages 

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@385 44740490-163a-0410-bde0-09ae8108e29a
parent 40f4b1cd
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/Bindings/SAML20/HTTPRedirect.php
+ 22
2
View file @ 81fec9ed
......@@ -241,7 +241,17 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
$relaystate = NULL;
}
$samlRequestXML = gzinflate(base64_decode( $rawRequest ));
$decodedRequest = @base64_decode($rawRequest, TRUE);
if (!$decodedRequest) {
throw new Exception('Could not base64 decode SAMLRequest GET parameter');
}
$samlRequestXML = @gzinflate($decodedRequest);
if (!$samlRequestXML) {
$error = error_get_last();
throw new Exception('Could not gzinflate base64 decoded SAMLRequest: ' . $error['message'] );
}
$samlRequest = new SimpleSAML_XML_SAML20_LogoutRequest($this->configuration, $this->metadata);
......@@ -269,7 +279,17 @@ class SimpleSAML_Bindings_SAML20_HTTPRedirect {
$relaystate = NULL;
}
$samlRequestXML = gzinflate(base64_decode( $rawRequest ));
$decodedRequest = @base64_decode($rawRequest, TRUE);
if (!$decodedRequest) {
throw new Exception('Could not base64 decode SAMLRequest GET parameter');
}
$samlRequestXML = @gzinflate($decodedRequest);
if (!$samlRequestXML) {
$error = error_get_last();
throw new Exception('Could not gzinflate base64 decoded SAMLRequest: ' . $error['message'] );
}
$samlRequest = new SimpleSAML_XML_SAML20_LogoutResponse($this->configuration, $this->metadata);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment