From b5daeb66ad603d40da8c7250d9121ef4cc8060c2 Mon Sep 17 00:00:00 2001
From: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
Date: Tue, 16 May 2017 19:55:50 +0200
Subject: [PATCH] Bug: crash on non string "alg" (#48)

* release JWS resources in test code after merging #33

* fix crash when "alg" header is set to non-string; see cisco/cjose#47

this would affect cjose_jws_sign as well as cjose_jws_import and is a
potential DoS vector for the latter

Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
---
 src/jws.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/jws.c b/src/jws.c
index b09c807..1e99610 100644
--- a/src/jws.c
+++ b/src/jws.c
@@ -72,7 +72,7 @@ static bool _cjose_jws_validate_hdr(cjose_jws_t *jws, cjose_err *err)
 {
     // make sure we have an alg header
     json_t *alg_obj = json_object_get(jws->hdr, CJOSE_HDR_ALG);
-    if (NULL == alg_obj)
+    if ((NULL == alg_obj) || (!json_is_string(alg_obj)))
     {
         CJOSE_ERROR(err, CJOSE_ERR_INVALID_ARG);
         return false;