From 084675c4f3c4dde8429c409c2c28a871dc0fa3f2 Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 1 Nov 2020 10:48:32 +0100 Subject: [PATCH 1/2] [ticket/security-265] Reduce verbosity of jabber error return SECURITY-265 --- phpBB/includes/functions_jabber.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php index cf0865e608..3c0602fa3b 100644 --- a/phpBB/includes/functions_jabber.php +++ b/phpBB/includes/functions_jabber.php @@ -227,7 +227,6 @@ class jabber if ($this->connected()) { $xml = trim($xml); - $this->add_to_log('SEND: '. $xml); return fwrite($this->connection, $xml); } else @@ -338,7 +337,6 @@ class jabber if ($data != '') { - $this->add_to_log('RECV: '. $data); return $this->xmlize($data); } else @@ -701,7 +699,7 @@ class jabber default: // hm...don't know this response - $this->add_to_log('Notice: Unknown server response (' . key($xml) . ')'); + $this->add_to_log('Notice: Unknown server response'); return false; break; } From d82715372b27a3c26e3cf1eeab9f44e6881fd7fe Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Sun, 1 Nov 2020 10:49:18 +0100 Subject: [PATCH 2/2] [ticket/security-265] Add better checks for empty or not set data SECURITY-265 --- phpBB/includes/functions_jabber.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/phpBB/includes/functions_jabber.php b/phpBB/includes/functions_jabber.php index 3c0602fa3b..43df61c396 100644 --- a/phpBB/includes/functions_jabber.php +++ b/phpBB/includes/functions_jabber.php @@ -207,7 +207,7 @@ class jabber */ function login() { - if (!count($this->features)) + if (empty($this->features)) { $this->add_to_log('Error: No feature information from server available.'); return false; 
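Review bot: In the `@@ -701,7 +699,7 @@` hunk, the `default:` branch keeps the old comment and does not record why `key($xml)` was dropped from the message, so a later maintainer could put it back for debugging. That key comes from the parsed server response, and the commit subject suggests this log is what is returned as the jabber error, so it should stay out. I would replace the comment with `// Unknown response: do not echo key($xml), it is server-controlled and the log appears to be returned to the caller (SECURITY-265)`. The hunk does not show whether other `add_to_log()` calls in this class still include response data; they deserve the same check.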
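Review bot: In the `@@ -207,7 +207,7 @@` hunk, `empty($this->features)` avoids calling `count()` on a non-countable value but still lets any truthy non-array, such as a string, through to the rest of `login()`. The `@@ -417,7 +417,7 @@` hunk of the same commit pairs its check with `is_array()`. Doing the same here, `if (empty($this->features) || !is_array($this->features))`, would keep the two guards consistent. The body of `login()` continues outside the hunk, so whether it needs an array is an assumption to confirm.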
@@ -417,7 +417,7 @@ class jabber { // or even multiple elements of the same type? // array('message' => array(0 => ..., 1 => ...)) - if (count(reset($xml)) > 1) + if (is_array(reset($xml)) && count(reset($xml)) > 1) { foreach (reset($xml) as $value) { @@ -443,7 +443,7 @@ class jabber } $second_time = isset($this->session['id']); - $this->session['id'] = $xml['stream:stream'][0]['@']['id']; + $this->session['id'] = isset($xml['stream:stream'][0]['@']['id']) ? $xml['stream:stream'][0]['@']['id'] : ''; if ($second_time) {
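Review bot: The new condition in the `@@ -417,7 +417,7 @@` hunk calls `reset($xml)` twice, and the `foreach` below calls it a third time. Reading it once into a local makes the type check and the iteration visibly use the same value: `$first = reset($xml);`, then `if (is_array($first) && count($first) > 1)` and `foreach ($first as $value)`. A non-array first element, including `false` for an empty `$xml`, now skips this branch. The code it falls through to is outside the hunk, so it is worth confirming that path also tolerates a scalar.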
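Review bot: In the `@@ -443,7 +443,7 @@` hunk, the `''` fallback changes what `$second_time = isset($this->session['id']);` sees on the next stream response. Before this commit a missing id assigned `null`, which `isset()` reports as unset; now the empty string counts as set, so `$second_time` becomes true even when the server never sent an id. The body of `if ($second_time)` is outside the hunk. If it is meant to run only after a real session id was received, `$second_time = !empty($this->session['id']);` keeps that meaning. Alternatively, treat a missing id as a malformed response: log a generic error and `return false`.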