From e20e026033385d71f0abfd63cc31dc334a8d1665 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Fri, 15 Oct 2021 12:10:24 +0200 Subject: [PATCH] BUG/MEDIUM: sample/jwt: fix another instance of base64 error detection This is the same as for commit 468c000db ("BUG/MEDIUM: jwt: fix base64 decoding error detection"), but for function sample_conv_jwt_member_query() that is used by sample converters jwt_header_query() and jwt_payload_query(). Thanks to Tim for the report. No backport is needed. --- src/sample.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/sample.c b/src/sample.c index de45245e9..47ccfbb0b 100644 --- a/src/sample.c +++ b/src/sample.c @@ -3561,6 +3561,7 @@ static int sample_conv_jwt_member_query(const struct arg *args, struct sample *s unsigned int item_num = member + 1; /* We don't need to tokenize the full token */ struct buffer *decoded_header = get_trash_chunk(); int retval = 0; + int ret; jwt_tokenize(&smp->data.u.str, items, &item_num); @@ -3571,12 +3572,12 @@ static int sample_conv_jwt_member_query(const struct arg *args, struct sample *s if (!decoded_header) goto end; - decoded_header->data = base64urldec(items[member].start, items[member].length, - decoded_header->area, decoded_header->size); - - if (decoded_header->data == (unsigned int)-1) + ret = base64urldec(items[member].start, items[member].length, + decoded_header->area, decoded_header->size); + if (ret == -1) goto end; + decoded_header->data = ret; if (args[0].type != ARGT_STR) { smp->data.u.str = *decoded_header; smp->data.type = SMP_T_STR;