Re: base64: fix issues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Adrien,

Thanks for the patch. We committed it in r5589 (https://trac.pjsip.org/repos/changeset/5589).

Best regards,
Ming

On Wed, May 3, 2017 at 11:26 PM, Adrien Béraud <adrien.beraud@xxxxxxxxxxxxxxxxxxxx> wrote:
This patch fix two bugs in PJSIP' base64 implementation:
* prevent invalid memory access for empty input string
* allow using an output buffer of just the right size

--- a/pjlib-util/src/pjlib-util/base64.c        2017-05-03 10:29:07.200417026 -0400
+++ b/pjlib-util/src/pjlib-util/base64.c        2017-05-03 10:28:30.344335390 -0400
@@ -131,7 +131,7 @@

     PJ_ASSERT_RETURN(input && out && out_len, PJ_EINVAL);

-    while (buf[len-1] == '=' && len)
+    while (len && buf[len-1] == '=')
        --len;

     PJ_ASSERT_RETURN(*out_len >= PJ_BASE64_TO_BASE256_LEN(len),
@@ -161,7 +161,7 @@
        out[j++] = (pj_uint8_t)(((c[2] & 0x03)<<6) | (c[3] & 0x3F));
     }

-    pj_assert(j < *out_len);
+    pj_assert(j <= *out_len);
     *out_len = j;

     return PJ_SUCCESS;

---
Adrien Béraud

_______________________________________________
Visit our blog: http://blog.pjsip.org

pjsip mailing list
pjsip@xxxxxxxxxxxxxxx
http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org

_______________________________________________
Visit our blog: http://blog.pjsip.org

pjsip mailing list
pjsip@xxxxxxxxxxxxxxx
http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org
[Index of Archives]     [Asterisk Users]     [Asterisk App Development]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [Linux API]
  Powered by Linux