Skip to content

Commit

Permalink
jose: prevent memory leaks when zlib compressing (deflate) fails
Browse files Browse the repository at this point in the history 
in oidc_jose_zlib_compress

Signed-off-by: Hans Zandbelt <[email protected]>
  • Loading branch information
@zandbelt
zandbelt committed Jan 19, 2025
1 parent bd7bb50 commit 8ebf6fd
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 19 deletions.
3 changes: 3 additions & 0 deletions ChangeLog
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
01/19/2025
- jose: prevent memory leaks when zlib compressing (deflate) fails in oidc_jose_zlib_compress

01/02/2025
- add a configuration check for public/private keys when using DPoP; closes #1293; thanks @ahus1
- update copyright year to 2025
Expand Down
39 changes: 20 additions & 19 deletions src/jose.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -969,6 +969,7 @@ static apr_byte_t oidc_jose_brotli_uncompress(apr_pool_t *pool, const char *inpu
*/
static apr_byte_t oidc_jose_zlib_compress(apr_pool_t *pool, const char *input, int input_len, char **output,
int *output_len, oidc_jose_error_t *err) {
apr_byte_t rv = FALSE;
int status = Z_OK;
z_stream zlib;

Expand All @@ -985,24 +986,24 @@ static apr_byte_t oidc_jose_zlib_compress(apr_pool_t *pool, const char *input, i
status = deflateInit(&zlib, Z_BEST_COMPRESSION);
if (status != Z_OK) {
oidc_jose_error(err, "deflateInit() failed: %d", status);
return FALSE;
goto end;
}

status = deflate(&zlib, Z_FINISH);
if (status != Z_STREAM_END) {
oidc_jose_error(err, "deflate() failed: %d", status);
return FALSE;
}

status = deflateEnd(&zlib);
if (status != Z_OK) {
oidc_jose_error(err, "deflateEnd() failed: %d", status);
return FALSE;
goto end;
}

*output_len = (int)zlib.total_out;

return TRUE;
rv = TRUE;

end:

deflateEnd(&zlib);

return rv;
}

#define OIDC_CJOSE_UNCOMPRESS_CHUNK 8192
Expand All @@ -1012,6 +1013,7 @@ static apr_byte_t oidc_jose_zlib_compress(apr_pool_t *pool, const char *input, i
*/
static apr_byte_t oidc_jose_zlib_uncompress(apr_pool_t *pool, const char *input, int input_len, char **output,
int *output_len, oidc_jose_error_t *err) {
apr_byte_t rv = FALSE;
int status = Z_OK;
size_t len = OIDC_CJOSE_UNCOMPRESS_CHUNK;
char *tmp = NULL, *buf = apr_pcalloc(pool, len);
Expand All @@ -1027,7 +1029,7 @@ static apr_byte_t oidc_jose_zlib_uncompress(apr_pool_t *pool, const char *input,
status = inflateInit(&zlib);
if (status != Z_OK) {
oidc_jose_error(err, "inflateInit() failed: %d", status);
return FALSE;
goto end;
}

while (status == Z_OK) {
Expand All @@ -1044,20 +1046,19 @@ static apr_byte_t oidc_jose_zlib_uncompress(apr_pool_t *pool, const char *input,

if (status != Z_STREAM_END) {
oidc_jose_error(err, "inflate() failed: %d", status);
inflateEnd(&zlib);
return FALSE;
}

status = inflateEnd(&zlib);
if (status != Z_OK) {
oidc_jose_error(err, "inflateEnd() failed: %d", status);
return FALSE;
goto end;
}

*output_len = (int)zlib.total_out;
*output = buf;

return TRUE;
rv = TRUE;

end:

inflateEnd(&zlib);

return rv;
}

#endif
Expand Down

0 comments on commit 8ebf6fd

Please sign in to comment.