From 9c804cc417951c8dfcac8a582ec8ee67c514e4f3 Mon Sep 17 00:00:00 2001
From: Peter <34331512+pmaytak@users.noreply.github.com>
Date: Mon, 26 Feb 2024 20:35:06 -0800
Subject: [PATCH] Add test case. Fix Dot3 in read JWT.
---
 src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs | 7 +++----
 test/System.IdentityModel.Tokens.Jwt.Tests/JwtTestData.cs | 7 +++++++
 2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
index fd6921f1f4..b7b66a3596 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebToken.cs
@@ -463,11 +463,10 @@ internal void ReadToken(ReadOnlyMemory encodedTokenMemory)
 // empty payload for JWE's {encrypted tokens}.
 Payload = new JsonClaimSet();
- if (Dot3 == encodedTokenSpan.Length) // TODO: Should this be encodedJsonSpan.Length - 1?
- throw LogHelper.LogExceptionMessage(new ArgumentException(LogMessages.IDX14121));
 Dot3 = Dot2 + Dot3 + 1;
-
+ if (Dot3 == encodedTokenSpan.Length - 1)
+ throw LogHelper.LogExceptionMessage(new SecurityTokenMalformedException(LogMessages.IDX14121));
+
 Dot4 = encodedTokenSpan.Slice(Dot3 + 1).IndexOf('.');
 if (Dot4 == -1)
 throw LogHelper.LogExceptionMessage(new SecurityTokenMalformedException(LogMessages.IDX14121));
diff --git a/test/System.IdentityModel.Tokens.Jwt.Tests/JwtTestData.cs b/test/System.IdentityModel.Tokens.Jwt.Tests/JwtTestData.cs
index e0c36fceb4..9a6db857e6 100644
--- a/test/System.IdentityModel.Tokens.Jwt.Tests/JwtTestData.cs
+++ b/test/System.IdentityModel.Tokens.Jwt.Tests/JwtTestData.cs
@@ -60,6 +60,13 @@ public static TheoryData InvalidNumberOfSegmentsData(IList
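Review bot: In the JsonWebToken.cs hunk the new `Dot3 == encodedTokenSpan.Length - 1` guard is only meaningful because `Dot3 = Dot2 + Dot3 + 1;` now runs before it, and nothing in the code records that ordering, which appears to be what the removed check got wrong by comparing the pre-conversion value with the full length. I would add a comment above the assignment, for example `// Dot3 was found in the slice after Dot2; convert it to an absolute index before comparing it with the token length.` On the following line `Dot4` is again an offset into a slice, so any later comparison or `Slice` call that uses it needs the same conversion first. That code lies outside the hunk, as do the start and end of ReadToken, so this is something to confirm rather than a demonstrated defect. A token ending in its third dot would presumably also be rejected by the existing `Dot4 == -1` check, since the slice after it is empty, so the new guard reads as an early exit rather than the only protection.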