aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--src/core/security/credentials.c6
-rw-r--r--src/core/security/json_token.c9
-rw-r--r--test/core/security/fetch_oauth2.c2
3 files changed, 11 insertions, 6 deletions
diff --git a/src/core/security/credentials.c b/src/core/security/credentials.c
index 60e82d9dfa..a21c27bff9 100644
--- a/src/core/security/credentials.c
+++ b/src/core/security/credentials.c
@@ -336,6 +336,12 @@ grpc_oauth2_token_fetcher_credentials_parse_server_response(
grpc_credentials_status status = GRPC_CREDENTIALS_OK;
grpc_json *json = NULL;
+ if (response == NULL) {
+ gpr_log(GPR_ERROR, "Received NULL response.");
+ status = GRPC_CREDENTIALS_ERROR;
+ goto end;
+ }
+
if (response->body_length > 0) {
null_terminated_body = gpr_malloc(response->body_length + 1);
null_terminated_body[response->body_length] = '\0';
diff --git a/src/core/security/json_token.c b/src/core/security/json_token.c
index c85b0cd847..20d62e2b43 100644
--- a/src/core/security/json_token.c
+++ b/src/core/security/json_token.c
@@ -206,15 +206,14 @@ static char *encoded_jwt_claim(const grpc_auth_json_key *json_key,
char *result = NULL;
gpr_timespec now = gpr_now();
gpr_timespec expiration = gpr_time_add(now, token_lifetime);
- /* log10(2^64) ~= 20 */
- char now_str[24];
- char expiration_str[24];
+ char now_str[GPR_LTOA_MIN_BUFSIZE];
+ char expiration_str[GPR_LTOA_MIN_BUFSIZE];
if (gpr_time_cmp(token_lifetime, grpc_max_auth_token_lifetime) > 0) {
gpr_log(GPR_INFO, "Cropping token lifetime to maximum allowed value.");
expiration = gpr_time_add(now, grpc_max_auth_token_lifetime);
}
- sprintf(now_str, "%ld", now.tv_sec);
- sprintf(expiration_str, "%ld", expiration.tv_sec);
+ gpr_ltoa(now.tv_sec, now_str);
+ gpr_ltoa(expiration.tv_sec, expiration_str);
child = create_child(NULL, json, "iss", json_key->client_email,
GRPC_JSON_STRING);
diff --git a/test/core/security/fetch_oauth2.c b/test/core/security/fetch_oauth2.c
index 369c34a5a5..6315087448 100644
--- a/test/core/security/fetch_oauth2.c
+++ b/test/core/security/fetch_oauth2.c
@@ -95,7 +95,7 @@ static grpc_credentials *create_service_account_creds(
break;
}
current += bytes_read;
- } while (sizeof(json_key) > (current - json_key));
+ } while (sizeof(json_key) > (size_t)(current - json_key));
if ((current - json_key) == sizeof(json_key)) {
gpr_log(GPR_ERROR, "Json key file %s exceeds size limit (%d bytes).",