fix a couple of memory leaks

ekoby · ekoby · commit dc6ba5b4c339 · 2026-03-03T10:55:30.000-05:00
diff --git a/library/external_auth.c b/library/external_auth.c
@@ -167,6 +167,7 @@ extern int ziti_ext_auth_token(ziti_context ztx, const char *token) {
     NEWP(jwt, zt_jwt);
     if (zt_jwt_parse(token, jwt) != 0) {
         ZTX_LOG(WARN, "failed to parse JWT token");
+        free(jwt);
         return ZITI_JWT_INVALID;
     }
     ZTX_LOG(DEBUG, "received access token: %s", json_object_get_string(jwt->claims));
diff --git a/library/utils.c b/library/utils.c
@@ -778,11 +778,9 @@ cstr jwt_issuer(const char *jwt) {
     assert(jwt);
     json_object *claims = json_tokener_parse(jwt_payload(jwt));
     json_object *iss = json_object_object_get(claims, "iss");
-    if (iss) {
-        return cstr_from(json_object_get_string(iss));
-    }
-
-    return cstr_lit("<unknown>");
+    cstr result = iss ? cstr_from(json_object_get_string(iss)) : cstr_lit("<unknown>");
+    json_object_put(claims);
+    return result;
 }
 
 const char *jwt_payload(const char *jwt) {

Original file line number	Diff line number	Diff line change
`@@ -167,6 +167,7 @@ extern int ziti_ext_auth_token(ziti_context ztx, const char *token) {`
`167`	`167`	`NEWP(jwt, zt_jwt);`
`168`	`168`	`if (zt_jwt_parse(token, jwt) != 0) {`
`169`	`169`	`ZTX_LOG(WARN, "failed to parse JWT token");`
	`170`	`+ free(jwt);`
`170`	`171`	`return ZITI_JWT_INVALID;`
`171`	`172`	`}`
`172`	`173`	`ZTX_LOG(DEBUG, "received access token: %s", json_object_get_string(jwt->claims));`