cdoco/php-jwt

Segfault with multiple jwt_decode using RSA

jchook opened this issue · 1 comments

Getting segmentation fault error on latest master:

segfault at 10 ip 00007f0f7535ba94 sp 00007ffcb6cd3d80 error 4 in jwt.so[7f0f75357000+6000]

Code to reproduce:

<?php

function generateKeyPair()
{
  $key = openssl_pkey_new([
    'digest_alg' => 'sha512',
    'private_key_bits' => 1024,
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
  ]);
  openssl_pkey_export($key, $private);
  $public = openssl_pkey_get_details($key)['key'];
  openssl_pkey_free($key);
  return [$public, $private];
}

list($apub, $apriv) = generateKeyPair();
list($bpub, $bpriv) = generateKeyPair();

$payload = ['message' => 'hello world'];
$token = jwt_encode($payload, $apriv, 'RS512');
$decoded = jwt_decode($token, $apub, ['algorithm' => 'RS512']);

$payload = ['message' => 'hello world 2'];
$token = jwt_encode($payload, $bpriv, 'RS512');
$decoded = jwt_decode($token, $bpub, ['algorithm' => 'RS512']); // segfault

cdoco commented

Thanks. I fixed this bug in the develop branch.