Actual behavior
The exception stacktrace
== Java Exception: java.lang.NullPointerException: Cannot invoke "String.replace(char, char)" because "base64Url" is null
at org.keycloak.common.util.Base64Url.encodeBase64UrlToBase64(Base64Url.java:58)
at org.keycloak.common.util.Base64Url.decode(Base64Url.java:32)
at org.keycloak.jose.jwk.JWKParser.createECPublicKey(JWKParser.java:83)
at org.keycloak.jose.jwk.JWKParser.toPublicKey(JWKParser.java:74)
at TestFuzzer.main(TestFuzzer.java:15)
How to Reproduce?
The following code snippet could reproduce the NullPointerException easily.
Before reporting an issue
Area
core
Describe the bug
In https://github.com/keycloak/keycloak/blob/main/core/src/main/java/org/keycloak/jose/jwk/JWKParser.java#L83-L84, the logic depends on the x and y fields in the otherclaim map stored within the JWK object to generate 2 big integers for base EC points. But according to the ec method in https://github.com/keycloak/keycloak/blob/main/core/src/main/java/org/keycloak/jose/jwk/JWKBuilder.java#L118, it does not explicitly put any value into the otherclaim map, and thus the map will remain the default empty map in some cases. This causes the retrieval of the x and y fields to return a null value and subsequently makes Base64.decode throw a NullPointerException when the null value is parsed.
Version
latest
Expected behavior
Either detect that the map is empty and throw a wrapped error, or set a default value if the retrieval of the x and y fields returns null.
Anything else?
This bug was found by a fuzzer using oss-fuzz; the bug report link is https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61287.
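An added example (not part of the original issue and not Keycloak's code) of the presence check requested under "Expected behavior": the x and y members are validated before base64url decoding, so a JWK without them is rejected with a descriptive exception instead of a NullPointerException. The class `EcJwkCheck`, its method names, the plain `Map` standing in for the JWK's claims, and the fixed P-256 curve are assumptions made for this example.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.spec.*;
import java.util.Base64;
import java.util.Map;

// Hypothetical stand-alone class for illustration; not Keycloak's JWKParser.
public class EcJwkCheck {

    // Fetch a required base64url coordinate, failing with a descriptive error
    // instead of letting a null (or non-string) value reach the decoder.
    static BigInteger coordinate(Map<String, Object> claims, String name) {
        Object raw = claims.get(name);
        if (!(raw instanceof String) || ((String) raw).isEmpty()) {
            throw new IllegalArgumentException("EC JWK is missing required member '" + name + "'");
        }
        try {
            return new BigInteger(1, Base64.getUrlDecoder().decode((String) raw));
        } catch (IllegalArgumentException e) {
            throw new IllegalArgumentException("EC JWK member '" + name + "' is not valid base64url", e);
        }
    }

    static PublicKey toEcPublicKey(Map<String, Object> claims) {
        BigInteger x = coordinate(claims, "x");
        BigInteger y = coordinate(claims, "y");
        try {
            AlgorithmParameters params = AlgorithmParameters.getInstance("EC");
            params.init(new ECGenParameterSpec("secp256r1")); // assumption: P-256 only
            ECParameterSpec spec = params.getParameterSpec(ECParameterSpec.class);
            return KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(new ECPoint(x, y), spec));
        } catch (GeneralSecurityException e) {
            throw new IllegalArgumentException("EC JWK could not be converted to a P-256 public key", e);
        }
    }

    public static void main(String[] args) {
        // Constructed input: an EC JWK with no x/y members, the case from the report.
        Map<String, Object> empty = Map.of("kty", "EC", "crv", "P-256");
        try {
            toEcPublicKey(empty);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```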