SEGV in _cjose_jws_build_hdr when using custom alloc

[zachmann]

When setting a custom memory allocator and deallocator using https://github.com/cisco/cjose/blob/9261231f08d2a3cbcf5d73c5f9e754a2f1c379ac/src/util.c#L60 it is also applied to json. In https://github.com/cisco/cjose/blob/254ab05e04cc32d866712bea838990eb4011cbf5/src/jws.c#L54-L65 json_dumps allocatos hdr_str using the custom allocator. However later hdr_str is freed using free and not the set deallocator. So this (can) lead to a segfault.

I suggest to replace the calls to free with cjose_get_dealloc()

[zandbelt]

this was merged here: https://github.com/zmartzone/cjose/pull/7 and now part of the maintenance fork here: https://github.com/OpenIDC/cjose/tree/version-0.6.2.x