UBSan: Avoid unsigned integer overflow in base64 encoding
Add a constraint on the base64 encoded buffer length to avoid an integer overflow in the output length calculation. common.c:1087:16: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'size_t' (aka 'unsigned long') Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
fed7d8fcba
commit
43216777e5
1 changed files with 4 additions and 1 deletions
|
|
@ -1,12 +1,13 @@
|
||||||
/*
|
/*
|
||||||
* Base64 encoding/decoding (RFC1341)
|
* Base64 encoding/decoding (RFC1341)
|
||||||
* Copyright (c) 2005-2011, Jouni Malinen <j@w1.fi>
|
* Copyright (c) 2005-2019, Jouni Malinen <j@w1.fi>
|
||||||
*
|
*
|
||||||
* This software may be distributed under the terms of the BSD license.
|
* This software may be distributed under the terms of the BSD license.
|
||||||
* See README for more details.
|
* See README for more details.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
#include "os.h"
|
#include "os.h"
|
||||||
#include "base64.h"
|
#include "base64.h"
|
||||||
|
|
@ -27,6 +28,8 @@ static unsigned char * base64_gen_encode(const unsigned char *src, size_t len,
|
||||||
size_t olen;
|
size_t olen;
|
||||||
int line_len;
|
int line_len;
|
||||||
|
|
||||||
|
if (len >= SIZE_MAX / 4)
|
||||||
|
return NULL;
|
||||||
olen = len * 4 / 3 + 4; /* 3-byte blocks to 4-byte */
|
olen = len * 4 / 3 + 4; /* 3-byte blocks to 4-byte */
|
||||||
if (add_pad)
|
if (add_pad)
|
||||||
olen += olen / 72; /* line feeds */
|
olen += olen / 72; /* line feeds */
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue