Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SEGV in _cjose_jws_build_hdr when using custom alloc #95

Open
zachmann opened this issue Jun 19, 2019 · 1 comment
Open

SEGV in _cjose_jws_build_hdr when using custom alloc #95

zachmann opened this issue Jun 19, 2019 · 1 comment

Comments

@zachmann
Copy link

When setting a custom memory allocator and deallocator using

void cjose_set_alloc_funcs(cjose_alloc_fn_t alloc, cjose_realloc_fn_t realloc, cjose_dealloc_fn_t dealloc)

it is also applied to json.
In

cjose/src/jws.c

Lines 54 to 65 in 254ab05

char *hdr_str = json_dumps(jws->hdr, JSON_ENCODE_ANY | JSON_PRESERVE_ORDER);
if (NULL == hdr_str)
{
CJOSE_ERROR(err, CJOSE_ERR_NO_MEMORY);
return false;
}
if (!cjose_base64url_encode((const uint8_t *)hdr_str, strlen(hdr_str), &jws->hdr_b64u, &jws->hdr_b64u_len, err))
{
free(hdr_str);
return false;
}
free(hdr_str);
json_dumps allocatos hdr_str using the custom allocator. However later hdr_str is freed using free and not the set deallocator. So this (can) lead to a segfault.

I suggest to replace the calls to free with cjose_get_dealloc()

@zandbelt
Copy link
Contributor

zandbelt commented Apr 5, 2022

this was merged here:
OpenIDC#7
and now part of the maintenance fork here:
https://github.com/OpenIDC/cjose/tree/version-0.6.2.x

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants