Google Git
Sign in
apache / kudu / e67d5533e0eadf1b8ece41b44b46f9b55a41d473
commite67d5533e0eadf1b8ece41b44b46f9b55a41d473[log] [tgz]
authorAlexey Serbin <alexey@apache.org>Wed Nov 30 21:30:10 2022 -0800
committerAlexey Serbin <alexey@apache.org>Thu Dec 01 16:50:25 2022 +0000
treee2ebf1dcef369da1c943369d5d9e34238dc816e0
parentc5f358038e583577a91db7c16b488fe07503ad75 [diff]
[jwt] proper memory ownership for RSA key components

This patch corrects the ownership for RSA key's module and exponent in
RSAJWTPublicKeyBuilder::ConvertJwkToPem() for OpenSSL versions prior
to 1.1.0.  Prior to this patch, jwt-util-test would crash with SIGSEGV
if compiled and run against earlier OpenSSL versions (e.g. 1.0.1)

*** SIGSEGV (@0x1e800002) received by PID 31969 (TID 0x7f07a0ae5940) from PID 511705090; stack trace: ***
    ...
    @       0x3ae366ad5d CRYPTO_free at ??:0
    @       0x3ae36a6ef5 BN_free at ??:0
    @     0x7f07a9a44d85 std::_Function_handler<>::_M_invoke() at ??:0
    @     0x7f07a9a4571d std::function<>::operator()() at ??:0
    @     0x7f07a99f42ac std::unique_ptr<>::~unique_ptr() at ??:0
    @     0x7f07a99e6cfa kudu::RSAJWTPublicKeyBuilder::ConvertJwkToPem() at ??:0
    @     0x7f07a99e5910 kudu::RSAJWTPublicKeyBuilder::CreateJWKPublicKey() at ??:0
    ...

Change-Id: Ib94122eb7221c99ed4997b456cdcea4cd6d5154b
Reviewed-on: http://gerrit.cloudera.org:8080/19292
Tested-by: Kudu Jenkins
Reviewed-by: Zoltan Chovan <zchovan@cloudera.com>
Reviewed-by: Attila Bukor <abukor@apache.org>
1 file changed
tree: e2ebf1dcef369da1c943369d5d9e34238dc816e0
  1. build-support/
  2. cmake_modules/
  3. docker/
  4. docs/
  5. examples/
  6. java/
  7. kubernetes/
  8. python/
  9. src/
  10. thirdparty/
  11. www/
  12. .dockerignore
  13. .gitignore
  14. .ycm_extra_conf.py
  15. CMakeLists.txt
  16. CONTRIBUTING.adoc
  17. LICENSE.txt
  18. NOTICE.txt
  19. README.adoc
  20. RELEASING.adoc
  21. version.txt