From 5b854a446831fc9245e55ca5e0d0379a0fdffe4b Mon Sep 17 00:00:00 2001
From: Riccardo Schirone <562321+ret2libc@users.noreply.github.com>
Date: Fri, 14 Oct 2022 12:49:39 +0200
Subject: [PATCH] pyjwt: catch PyJWTError exceptions (#8645)
jwt functions like jwt.decode could raise PyJWTError exceptions (e.g. ExpiredSignatureError if the token is expired)
Fix error handling for issue:
- 50696 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50696)
---
 projects/pyjwt/fuzz_jwt.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/projects/pyjwt/fuzz_jwt.py b/projects/pyjwt/fuzz_jwt.py
index 9a001af4c..ca7c249cb 100644
--- a/projects/pyjwt/fuzz_jwt.py
+++ b/projects/pyjwt/fuzz_jwt.py
@@ -44,8 +44,11 @@ def test_roundtrip(data):
 return
 key = "fuzzing"
- jwt_message = jwt.encode(payload, key, algorithm="HS256")
- decoded_payload = jwt.decode(jwt_message, key, algorithms=["HS256"])
+ try:
+ jwt_message = jwt.encode(payload, key, algorithm="HS256")
+ decoded_payload = jwt.decode(jwt_message, key, algorithms=["HS256"])
+ except jwt.exceptions.PyJWTError:
+ return
 assert decoded_payload == payload
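Review bot: The added `except jwt.exceptions.PyJWTError: return` is broader than the expired-token case the commit message describes. PyJWTError is the base class, so the handler also swallows `InvalidSignatureError` and `DecodeError` for a token that `jwt.encode` produced with the same key one line earlier, which is the kind of roundtrip failure this harness exists to report. Consider re-raising signature failures ahead of the broad clause with `except jwt.exceptions.InvalidSignatureError: raise`. Alternatively, keep signature verification on and disable only the claim checks a fuzzed payload can trip, by passing `options={"verify_exp": False, "verify_nbf": False, "verify_iat": False, "verify_aud": False}` to `jwt.decode`. The payload construction and the start of `test_roundtrip` are outside the hunk, so which registered claims can actually appear is inferred from the commit message.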