@jthiltges
Ensure m_cget is still valid when building the exception text with m_cget->get_url().

If the issuer published a JWKS that's not valid JSON, it triggers an exception. The unique_ptr is accessed to build the exception text. Move the reset() to after the exception to avoid a segfault.

scitokens::internal::SimpleCurlGet::get_url[abi:cxx11]() const (this=0x0) at /tmp/mnt/src/scitokens_internal.cpp:108
108         if (!m_curl) {
(gdb) bt
#0  scitokens::internal::SimpleCurlGet::get_url[abi:cxx11]() const (this=0x0) at /tmp/mnt/src/scitokens_internal.cpp:108
#1  0x00007f4f4997b293 in scitokens::Validator::get_public_keys_from_web_continue (status=...) at /tmp/mnt/src/scitokens_internal.cpp:741
#2  0x00007f4f4999a267 in scitokens::Validator::refresh_jwks (issuer=...) at /usr/local/include/c++/14.2.0/bits/unique_ptr.h:191
#3  0x00007f4f4997e90f in keycache_refresh_jwks (issuer=0x4f4898 "https://t2.unl.edu/jthiltge/issuer/invalid", err_msg=0x7ffe0145bec0) at /usr/local/include/c++/14.2.0/bits/basic_string.tcc:242

Ensure m_cget is still valid when building the exception text with
m_cget->get_url().
@djw8605 djw8605 requested a review from Copilot November 7, 2025 19:53
Copilot AI left a comment

Pull Request Overview

This PR fixes a critical bug that would cause a null pointer dereference during error handling in the public key download process.

  • Moved status->m_cget.reset() call to after the JSON parsing error check to prevent accessing a null pointer in error messages

@djw8605 djw8605 merged commit 90cabef into scitokens:master Nov 7, 2025
17 checks passed
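
The ordering problem discussed in this pull request, as an added example that is not part of the PR or of the scitokens-cpp code base. `Fetcher`, `Status`, `looks_like_json_object`, `run_parse` and the issuer URL used in testing are hypothetical stand-ins; the JSON check is a toy replacement for a real parser.

```cpp
#include <memory>
#include <stdexcept>
#include <string>
#include <utility>

// Hypothetical stand-in for the HTTP fetch helper; not the scitokens-cpp class.
struct Fetcher {
    std::string url, body;
    const std::string &get_url() const { return url; }
};

struct Status {
    std::unique_ptr<Fetcher> cget;
};

// Toy check standing in for a real JSON parser (assumption for this example).
static bool looks_like_json_object(const std::string &s) {
    auto b = s.find_first_not_of(" \t\r\n");
    auto e = s.find_last_not_of(" \t\r\n");
    return b != std::string::npos && s[b] == '{' && s[e] == '}';
}

// Pre-fix ordering, made observable instead of crashing: once reset() has run,
// the pointer is null at the point where the error text would be built.
bool fetcher_gone_on_error_path(Status &st) {
    std::string body = st.cget->body;
    st.cget.reset();                    // released too early
    if (!looks_like_json_object(body))
        return st.cget == nullptr;      // st.cget->get_url() here would be UB
    return false;
}

// Post-fix ordering: build the error text while the fetcher is still owned,
// and release it only after the failure check has passed.
std::string parse_jwks(Status &st) {
    if (!looks_like_json_object(st.cget->body))
        throw std::runtime_error("Invalid JWKS JSON from " + st.cget->get_url());
    std::string keys = std::move(st.cget->body);
    st.cget.reset();
    return keys;
}

// Run parse_jwks on a constructed response; return the error text or "ok".
std::string run_parse(const std::string &url, const std::string &body) {
    Status st;
    st.cget.reset(new Fetcher{url, body});
    try { parse_jwks(st); return st.cget ? "leaked" : "ok"; }
    catch (const std::exception &e) { return e.what(); }
}
```
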