JsonWebToken constructor doesn't count JWT segments properly #1298

Closed
mafurman opened this issue Dec 4, 2019 · 0 comments · Fixed by #1299

mafurman commented Dec 4, 2019

```csharp
public JsonWebToken(string jwtEncodedString)
{
    if (string.IsNullOrEmpty(jwtEncodedString))
        throw new ArgumentNullException(nameof(jwtEncodedString));

    int count = 1;
    int next = -1;
    while ((next = jwtEncodedString.IndexOf('.', next + 1)) != -1)
    {
        count++;
        if (count >= JwtConstants.JwsSegmentCount)
            break;
    }

    // JWS or JWE
    if (count == JwtConstants.JwsSegmentCount || count == JwtConstants.JweSegmentCount)
    {
        var tokenParts = jwtEncodedString.Split('.');
        Decode(tokenParts, jwtEncodedString);
    }
    else
        throw LogHelper.LogExceptionMessage(new ArgumentException(LogHelper.FormatInvariant(LogMessages.IDX14100, jwtEncodedString)));
}
```

As soon as 'count' gets to JwtConstants.JwsSegmentCount (3), the while loop will terminate. This means that as long as the number of dots in the 'jwtEncodedString' is >= 2, the value of 'count' will always be equal to 3. This also means that we'll split the string and try to decode it even if it isn't a properly formatted JWT token.

@mafurman mafurman added PR Submitted Bug Product is not functioning as expected labels Dec 4, 2019
@mafurman mafurman added this to the 6.x milestone Dec 4, 2019
@mafurman mafurman self-assigned this Dec 4, 2019
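
The counting behaviour described in the issue, next to one bounded alternative, as an added example (not the library's code and not the change made in #1299). The class and method names are hypothetical, the local constants stand in for `JwtConstants`, and the value 5 for the JWE segment count is taken from the JWE compact serialization rather than from this page.

```csharp
using System;

// Added illustration: local constants stand in for JwtConstants.JwsSegmentCount
// (3, as stated in the issue) and JwtConstants.JweSegmentCount (assumed 5).
static class SegmentCountDemo
{
    const int JwsSegmentCount = 3;
    const int JweSegmentCount = 5;

    // Counting loop as quoted in the issue: stops as soon as count reaches 3.
    static int CountAsInIssue(string s)
    {
        int count = 1, next = -1;
        while ((next = s.IndexOf('.', next + 1)) != -1)
        {
            count++;
            if (count >= JwsSegmentCount)
                break;
        }
        return count;
    }

    // Hypothetical alternative: keep counting until one past the largest valid
    // segment count, so 4 and 6+ segments are told apart from 3 and 5 while the
    // scan stays bounded on input with many dots.
    static int CountBounded(string s)
    {
        int count = 1, next = -1;
        while ((next = s.IndexOf('.', next + 1)) != -1)
        {
            if (++count > JweSegmentCount)
                break;
        }
        return count;
    }

    static bool IsJwsOrJwe(int count) => count == JwsSegmentCount || count == JweSegmentCount;

    static void Main()
    {
        // Constructed inputs; segment contents are placeholders, not real tokens.
        string[] samples = { "a", "a.b", "a.b.c", "a.b.c.d", "a.b.c.d.e", "a.b.c.d.e.f", "....." };
        foreach (var s in samples)
        {
            int issue = CountAsInIssue(s), bounded = CountBounded(s);
            Console.WriteLine($"{s,-12} issue={issue} accepted={IsJwsOrJwe(issue)} | bounded={bounded} accepted={IsJwsOrJwe(bounded)}");
        }
    }
}
```

With the loop from the issue, the comparison against the JWE segment count can never be true, because `count` never exceeds 3.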