correct check for key from oidc_proto_jwt_create_from_first_pkey

and avoid NULL pointer dereferencing when no private keys have been configured Signed-off-by: Hans Zandbelt <hans.zandbelt@openidc.com>
OpenIDC · Dec 13, 2024 · 8e5a90b · 8e5a90b
1 parent 80b5e11
commit 8e5a90b
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/ChangeLog b/ChangeLog
@@ -4,6 +4,8 @@
 - initialize oidc_jose_error_t err variable in oidc_util_create_symmetric_key
 - refactor oidc_util_port_from_host and avoid potential crash on non-conformant literal IPv6 addresses
 - add and use _oidc_strncpy for section key string copy in shm.c
+- correct check for private key return value from oidc_proto_jwt_create_from_first_pkey
+  and avoid NULL pointer dereferencing when no private keys have been configured
 
 12/11/2024
 - code: loop over authz arrays with index instead of pointer

diff --git a/src/proto/jwt.c b/src/proto/jwt.c
@@ -253,7 +253,7 @@ apr_byte_t oidc_proto_jwt_create_from_first_pkey(request_rec *r, oidc_cfg_t *cfg
 
 	*jwk = oidc_util_key_list_first(oidc_cfg_private_keys_get(cfg), -1, OIDC_JOSE_JWK_SIG_STR);
 	// TODO: detect at config time
-	if (jwk == NULL) {
+	if (*jwk == NULL) {
 		oidc_error(r, "no RSA/EC private signing keys have been configured (in " OIDCPrivateKeyFiles ")");
 		goto end;
 	}