From 537f120135b9fe813c6007352e65d3521a6a2062 Mon Sep 17 00:00:00 2001
From: Aki Tuomi <aki.tuomi@dovecot.fi>
Date: Tue, 6 Jun 2017 12:47:53 +0300
Subject: [PATCH] lib-oauth2: Make sure fields are always initialized

---
 src/lib-oauth2/oauth2-introspect.c     | 1 +
 src/lib-oauth2/oauth2-refresh.c        | 1 +
 src/lib-oauth2/oauth2-token-validate.c | 4 +++-
 3 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/lib-oauth2/oauth2-introspect.c b/src/lib-oauth2/oauth2-introspect.c
index 79800fe0b2..62bfe11cf7 100644
--- a/src/lib-oauth2/oauth2-introspect.c
+++ b/src/lib-oauth2/oauth2-introspect.c
@@ -47,6 +47,7 @@ oauth2_introspect_response(const struct http_response *response,
 			oauth2_introspect_continue(req, FALSE, "Missing response body");
 			return;
 		}
+		p_array_init(&req->fields, req->pool, 1);
 		req->is = response->payload;
 		i_stream_ref(req->is);
 		req->parser = json_parser_init(req->is);
diff --git a/src/lib-oauth2/oauth2-refresh.c b/src/lib-oauth2/oauth2-refresh.c
index e7b5455055..777a7cb384 100644
--- a/src/lib-oauth2/oauth2-refresh.c
+++ b/src/lib-oauth2/oauth2-refresh.c
@@ -87,6 +87,7 @@ oauth2_refresh_response(const struct http_response *response,
 			oauth2_refresh_continue(req, FALSE, "Missing response body");
 			return;
 		}
+		p_array_init(&req->fields, req->pool, 1);
 		req->is = response->payload;
 		i_stream_ref(req->is);
 		req->parser = json_parser_init(req->is);
diff --git a/src/lib-oauth2/oauth2-token-validate.c b/src/lib-oauth2/oauth2-token-validate.c
index af47b0ac57..4982ecea95 100644
--- a/src/lib-oauth2/oauth2-token-validate.c
+++ b/src/lib-oauth2/oauth2-token-validate.c
@@ -30,6 +30,8 @@ oauth2_token_validate_continue(struct oauth2_request *req, bool success,
 	struct oauth2_token_validation_result res;
 	i_zero(&res);
 
+	i_assert(array_is_created(&req->fields));
+
 	res.success = success;
 	res.error = error;
 	res.valid = req->valid;
@@ -69,9 +71,9 @@ oauth2_token_validate_response(const struct http_response *response,
 			req->valid = TRUE;
 		else
 			req->valid = FALSE;
+		p_array_init(&req->fields, req->pool, 1);
 		/* 2xx is sufficient for token validation */
 		if (response->payload == NULL) {
-			p_array_init(&req->fields, req->pool, 1);
 			oauth2_token_validate_continue(req, TRUE, NULL);
 			return;
 		}