From: Aki Tuomi <aki.tuomi@open-xchange.com>
Date: Mon, 24 May 2021 15:55:28 +0000 (+0300)
Subject: auth: mech-oauth2 - Iterate fields in safer manner
X-Git-Tag: 2.3.16~108
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4766b854371e44edb6f9569e4f8429532fc1653d;p=thirdparty%2Fdovecot%2Fcore.git

auth: mech-oauth2 - Iterate fields in safer manner

Static analyser wasn't happy about the previous way.
---

diff --git a/src/auth/mech-oauth2.c b/src/auth/mech-oauth2.c
index 180b99fc36..1b145674b3 100644
--- a/src/auth/mech-oauth2.c
+++ b/src/auth/mech-oauth2.c
@@ -58,10 +58,9 @@ static void oauth2_verify_callback(enum passdb_result result,
 		if (request->mech_password != NULL)
 			request->mech_password = NULL;
 		string_t *error = t_str_new(64);
-		unsigned int nfields = str_array_length(error_fields);
-		i_assert(nfields % 2 == 0);
 		str_append_c(error, '{');
-		for (unsigned int i = 0; i < nfields; i += 2) {
+		for (unsigned int i = 0; error_fields[i] != NULL; i += 2) {
+			i_assert(error_fields[i+1] != NULL);
 			if (i > 0)
 				str_append_c(error, ',');
 			str_append_c(error, '"');