From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Wed, 3 Nov 2021 11:23:54 +0000 (+0100)
Subject: BUG/MINOR: jwt: Fix jwt_parse_alg incorrectly returning JWS_ALG_NONE
X-Git-Tag: v2.5-dev13~22
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=726635018109eda90490a03660a6f244a0c5682e;p=thirdparty%2Fhaproxy.git

BUG/MINOR: jwt: Fix jwt_parse_alg incorrectly returning JWS_ALG_NONE

jwt_parse_alg would mistakenly return JWT_ALG_NONE for algorithms "",
"n", "no" and "non" because of a strncmp misuse. It now sees them as
unknown algorithms.

No backport needed.

Cc: Tim Duesterhus <tim@bastelstu.be>
---

diff --git a/src/jwt.c b/src/jwt.c
index 94bfa5adb1..8c45375428 100644
--- a/src/jwt.c
+++ b/src/jwt.c
@@ -34,7 +34,7 @@ enum jwt_alg jwt_parse_alg(const char *alg_str, unsigned int alg_len)
 
 	/* Algorithms are all 5 characters long apart from "none". */
 	if (alg_len < sizeof("HS256")-1) {
-		if (strncmp("none", alg_str, alg_len) == 0)
+		if (alg_len == sizeof("none")-1 && strcmp("none", alg_str) == 0)
 			alg = JWS_ALG_NONE;
 		return alg;
 	}