From dc2dd87a319d7455b534b6e7751b12d71a9ac2ae Mon Sep 17 00:00:00 2001
From: Yann Leboulanger <asterix@lagaule.org>
Date: Wed, 4 Jul 2007 13:29:06 +0000
Subject: [PATCH] prevent message spoofing. Thanks Misc. Fixes #3281

---
 src/common/connection_handlers.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/common/connection_handlers.py b/src/common/connection_handlers.py
index 8ffe01eced..411c20833c 100644
--- a/src/common/connection_handlers.py
+++ b/src/common/connection_handlers.py
@@ -1433,7 +1433,8 @@ class ConnectionHandlers(ConnectionVcard, ConnectionBytestream, ConnectionDisco,
 		frm = helpers.get_full_jid_from_iq(msg)
 		jid = helpers.get_jid_from_iq(msg)
 		addressTag = msg.getTag('addresses', namespace = common.xmpp.NS_ADDRESS)
-		if addressTag:
+		# Be sure it comes from one of our resource, else ignore address element
+		if addressTag and jid == gajim.get_jid_from_account(self.name):
 			address = addressTag.getTag('address', attrs={'type': 'ofrom'})
 			if address:
 				frm = address.getAttr('jid')
-- 
GitLab