Malformed CAPTCHA response may crash a room. This is now fixed. (thanks to Evgeniy Khramtsov)

SVN Revision: 2150

src/ejabberd_captcha.erl

@@ -150,30 +150,36 @@ check_captcha(Id, ProvidedKey) ->
 
 process_reply(El) ->
     case {exmpp_xml:element_matches(El, captcha),
-    exmpp_xml:get_element(El, x)} of
+	  exmpp_xml:get_element(El, x)} of
 	{false, _} ->
 	    {error, malformed};
 	{_, undefined} ->
 	    {error, malformed};
 	{true, Xdata} ->
 	    Fields = jlib:parse_xdata_submit(Xdata),
-	    [Id | _] = proplists:get_value("challenge", Fields, [none]),
+	    case {proplists:get_value("challenge", Fields),
-	    [OCR | _] = proplists:get_value("ocr", Fields, [none]),
+		  proplists:get_value("ocr", Fields)} of
-	    ?T(case mnesia:read(captcha, Id, write) of
+		{[Id|_], [OCR|_]} ->
-		   [#captcha{pid=Pid, args=Args, key=Key, tref=Tref}] ->
+		    ?T(case mnesia:read(captcha, Id, write) of
-		       mnesia:delete({captcha, Id}),
+			   [#captcha{pid=Pid, args=Args, key=Key, tref=Tref}] ->
-		       erlang:cancel_timer(Tref),
+			       mnesia:delete({captcha, Id}),
-		       if OCR == Key ->
+			       erlang:cancel_timer(Tref),
-			       Pid ! {captcha_succeed, Args},
+			       if OCR == Key ->
-			       ok;
+				       Pid ! {captcha_succeed, Args},
-			  true ->
+				       ok;
-			       Pid ! {captcha_failed, Args},
+				  true ->
-			       {error, bad_match}
+				       Pid ! {captcha_failed, Args},
-		       end;
+				       {error, bad_match}
-		   _ ->
+			       end;
-		       {error, not_found}
+			   _ ->
-	       end)
+			       {error, not_found}
-    end.
+		       end);
+		_ ->
+		    {error, malformed}
+	    end
+    end;
+process_reply(_) ->
+    {error, malformed}.
 
 
 process(_Handlers, #request{method='GET', lang=Lang, path=[_, Id]}) ->