We received external feedback about our crudeoauth SASL module from one person:

> In oauthbearer.h:55 size of the token is defined statically, the token we
> got from Azure containing multiple keys had about 12k characters, exceeding
> that static size and overflowing the buffer.

And that resulted in a segfault of slapd.

It's not about an access token but about the JWKS from the OIDC Provider. The whole JWKS file is now read into memory, dynamically allocating the required size.

crudeoauth.yaml
 81008310f396 | chore(univention-management-console): update advisory

crudeoauth (1.0.0-3)
 60e2a9a400d5 | fix(crudeoauth): fix reading whole JWKS

Nice, thanks:

3bf4eb1b641 | docs(crudeoauth): add manpages

Successful build
Package: crudeoauth
Version: 1.0.0-4
Branch: 5.2-0
Scope: errata5.2-1

<https://errata.software-univention.de/#/?erratum=5.2x78>
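
The approach described in this thread, reading the whole JWKS file into a dynamically sized buffer instead of a fixed-size array, shown as an added example that is not crudeoauth's own code. The function names, the upper size limit and the filler sample file are assumptions made for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: read a whole file into a growing heap buffer. Returns a
 * NUL-terminated buffer (caller frees), or NULL on error or if over max_len. */
char *read_whole_file(const char *path, size_t max_len, size_t *out_len) {
    FILE *fp = fopen(path, "rb");
    if (!fp) return NULL;
    size_t cap = 4096, len = 0, n;
    char *buf = malloc(cap + 1);            /* +1 leaves room for the terminator */
    if (!buf) goto fail;
    while ((n = fread(buf + len, 1, cap - len, fp)) > 0) {
        len += n;
        if (len > max_len) goto fail;       /* still bounded, but by policy, not by an array */
        if (len == cap) {                   /* buffer full: double it before reading more */
            char *tmp = realloc(buf, cap * 2 + 1);
            if (!tmp) goto fail;
            buf = tmp; cap *= 2;
        }
    }
    if (ferror(fp)) goto fail;
    fclose(fp);
    buf[len] = '\0';
    *out_len = len;
    return buf;
fail:
    free(buf);                              /* free(NULL) is a no-op */
    fclose(fp);
    return NULL;
}

/* Constructed sample: n filler bytes standing in for a large JWKS document. */
int write_sample(const char *path, size_t n) {
    FILE *fp = fopen(path, "wb");
    if (!fp) return -1;
    for (size_t i = 0; i < n; i++) fputc('k', fp);
    return fclose(fp);
}

int main(void) {
    size_t len = 0;
    if (write_sample("jwks_sample.json", 12000) != 0) return 1;
    char *jwks = read_whole_file("jwks_sample.json", 1 << 20, &len);
    if (!jwks) return 1;
    printf("read %zu bytes\n", len);
    free(jwks);
    remove("jwks_sample.json");
    return 0;
}
```

The 12000-byte sample mirrors the "about 12k characters" reported above. An oversized or unreadable file produces a NULL return that the caller can handle as a configuration error.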