| Fix integer overflows. Will not work on compilers with unsigned char |
| as the default. |
| |
| Fetched from: https://sources.debian.org/patches/libb64/1.2-5/ |
| |
| Combined "integer overflows.diff" and "off by one.diff" and adapted |
| for version 1.2.1. |
| |
| Signed-off-by: Mikael Eliasson <mikael@robomagi.com> |
| |
| diff --git a/src/cdecode.c b/src/cdecode.c |
| index a6c0a42..45da4e1 100644 |
| --- a/src/cdecode.c |
| +++ b/src/cdecode.c |
| @@ -9,10 +9,11 @@ For details, see http://sourceforge.net/projects/libb64 |
| |
| int base64_decode_value(char value_in) |
| { |
| - static const char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; |
| + static const signed char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; |
| static const char decoding_size = sizeof(decoding); |
| + if (value_in < 43) return -1; |
| value_in -= 43; |
| - if (value_in < 0 || value_in >= decoding_size) return -1; |
| + if (value_in >= decoding_size) return -1; |
| return decoding[(int)value_in]; |
| } |
| |
| @@ -26,7 +27,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex |
| { |
| const char* codechar = code_in; |
| char* plainchar = plaintext_out; |
| - char fragment; |
| + int fragment; |
| |
| *plainchar = state_in->plainchar; |
| |
| @@ -42,7 +43,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex |
| state_in->plainchar = *plainchar; |
| return plainchar - plaintext_out; |
| } |
| - fragment = (char)base64_decode_value(*codechar++); |
| + fragment = base64_decode_value(*codechar++); |
| } while (fragment < 0); |
| *plainchar = (fragment & 0x03f) << 2; |
| case step_b: |
| @@ -53,7 +54,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex |
| state_in->plainchar = *plainchar; |
| return plainchar - plaintext_out; |
| } |
| - fragment = (char)base64_decode_value(*codechar++); |
| + fragment = base64_decode_value(*codechar++); |
| } while (fragment < 0); |
| *plainchar++ |= (fragment & 0x030) >> 4; |
| *plainchar = (fragment & 0x00f) << 4; |
| @@ -65,7 +66,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex |
| state_in->plainchar = *plainchar; |
| return plainchar - plaintext_out; |
| } |
| - fragment = (char)base64_decode_value(*codechar++); |
| + fragment = base64_decode_value(*codechar++); |
| } while (fragment < 0); |
| *plainchar++ |= (fragment & 0x03c) >> 2; |
| *plainchar = (fragment & 0x003) << 6; |
| @@ -77,7 +78,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex |
| state_in->plainchar = *plainchar; |
| return plainchar - plaintext_out; |
| } |
| - fragment = (char)base64_decode_value(*codechar++); |
| + fragment = base64_decode_value(*codechar++); |
| } while (fragment < 0); |
| *plainchar++ |= (fragment & 0x03f); |
| } |