[libsocialweb/libsocialweb-0.25] flickr: Only try and check the token if we have one



commit 5f7e43a67b44e24188549340dc830b0c0e9a478e
Author: Rob Bradford <rob linux intel com>
Date:   Mon Oct 15 13:25:22 2012 +0100

    flickr: Only try and check the token if we have one
    
    Going online/offline would trigger the checking of the token's validity even
    if no token was set. This change ensures that we try and get a token and then
    only if we have a token do we try and check it's validity.
    
    This should address CVE-2012-4511.

 services/flickr/flickr.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/services/flickr/flickr.c b/services/flickr/flickr.c
index b4e5cc0..2f59345 100644
--- a/services/flickr/flickr.c
+++ b/services/flickr/flickr.c
@@ -255,7 +255,7 @@ online_notify (gboolean online, gpointer user_data)
   SW_DEBUG (FLICKR, "Online: %s", online ? "yes" : "no");
 
   if (online) {
-    got_tokens_cb (priv->proxy, TRUE, g_object_ref (service));
+    credentials_updated (service);
   } else {
     priv->authorised = FALSE;
 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]