Additional checks

2018-03-09 05:38:15 +00:00 · 2018-03-09 05:38:15 +00:00 · 3e51fa73b1
parent c9095386c8
commit 3e51fa73b1
1 changed files with 9 additions and 0 deletions
--- a/src/Protocol/Diaspora.php
+++ b/src/Protocol/Diaspora.php
@ -221,6 +221,11 @@ class Diaspora

 		$signable_data = $msg.".".base64url_encode($type).".".base64url_encode($encoding).".".base64url_encode($alg);

+		if ($handle == '') {
+			logger('No author could be decoded. Discarding. Message: ' . $envelope);
+			return false;
+		}
+
 		$key = self::key($handle);
 		if ($key == '') {
 			logger("Couldn't get a key for handle " . $handle . ". Discarding.");
@ -331,6 +336,10 @@ class Diaspora
 		}

 		$key = self::key($author_addr);
+		if ($key == '') {
+			logger("Couldn't get a key for handle " . $author_addr . ". Discarding.");
+			System::httpExit(400);
+		}

 		$verify = Crypto::rsaVerify($signed_data, $signature, $key);
 		if (!$verify) {