From 4e486d4ba9300c553a7a8fce15037141d48a77f5 Mon Sep 17 00:00:00 2001
From: Waqas Hussain <waqas20@gmail.com>
Date: Sat, 29 Jan 2011 04:42:56 +0500
Subject: stanza_router: Return a <bad-request/> error on invalid IQ type.

---
 core/stanza_router.lua | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'core')

diff --git a/core/stanza_router.lua b/core/stanza_router.lua
index 97d328a1..406ad2f0 100644
--- a/core/stanza_router.lua
+++ b/core/stanza_router.lua
@@ -40,6 +40,7 @@ local function handle_unhandled_stanza(host, origin, stanza)
 	end
 end
 
+local iq_types = { set=true, get=true, result=true, error=true };
 function core_process_stanza(origin, stanza)
 	(origin.log or log)("debug", "Received[%s]: %s", origin.type, stanza:top_tag())
 
@@ -47,8 +48,8 @@ function core_process_stanza(origin, stanza)
 	if stanza.attr.type == "error" and #stanza.tags == 0 then return; end -- TODO invalid stanza, log
 	if stanza.name == "iq" then
 		if not stanza.attr.id then stanza.attr.id = ""; end -- COMPAT Jabiru doesn't send the id attribute on roster requests
-		if (stanza.attr.type == "set" or stanza.attr.type == "get") and (#stanza.tags ~= 1) then
-			origin.send(st.error_reply(stanza, "modify", "bad-request"));
+		if not iq_types[stanza.attr.type] or ((stanza.attr.type == "set" or stanza.attr.type == "get") and (#stanza.tags ~= 1)) then
+			origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid IQ type or incorrect number of children"));
 			return;
 		end
 	end
-- 
cgit v1.2.3