cjose icon indicating copy to clipboard operation
cjose copied to clipboard

Published 20 hours ago verified publisher icon cisco

memory allocation error

Open marcstern opened this issue 4 years ago • 1 comments

in jwe.c, on line 1952:

cek = cjose_get_alloc()(cek_len);
memcpy(cek, jwe->cek, cek_len);

Allocation result is not checked. We should add

if (!cek) {
   CJOSE_ERROR(err, CJOSE_ERR_NO_MEMORY);
   return NULL;
}

marcstern avatar Jun 30 '20 11:06 marcstern

this is now part of the maintenance fork here: https://github.com/OpenIDC/cjose/tree/version-0.6.2.x

zandbelt avatar Apr 05 '22 18:04 zandbelt