From 22443c2f05880838db8d7091701f8f20a83cc90e Mon Sep 17 00:00:00 2001 From: "Eric S. Raymond" Date: Tue, 4 Jun 2002 13:58:21 +0000 Subject: Fix Kerberos bugs. svn path=/trunk/; revision=3628 --- base64.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'base64.c') diff --git a/base64.c b/base64.c index 3658e956..a8c7f1c1 100644 --- a/base64.c +++ b/base64.c @@ -54,6 +54,7 @@ void to64frombits(unsigned char *out, const unsigned char *in, int inlen) int from64tobits(char *out, const char *in, int maxlen) /* base 64 to raw bytes in quasi-big-endian order, returning count of bytes */ +/* maxlen limits output buffer size, set to zero to ignore */ { int len = 0; register unsigned char digit1, digit2, digit3, digit4; @@ -78,17 +79,21 @@ int from64tobits(char *out, const char *in, int maxlen) return(-1); in += 4; ++len; - if (len && len >= maxlen) /* prevent buffer overflow */ + if (maxlen && len > maxlen) return(-1); *out++ = (DECODE64(digit1) << 2) | (DECODE64(digit2) >> 4); if (digit3 != '=') { - *out++ = ((DECODE64(digit2) << 4) & 0xf0) | (DECODE64(digit3) >> 2); ++len; + if (maxlen && len > maxlen) + return(-1); + *out++ = ((DECODE64(digit2) << 4) & 0xf0) | (DECODE64(digit3) >> 2); if (digit4 != '=') { + ++len; + if (maxlen && len > maxlen) + return(-1); *out++ = ((DECODE64(digit3) << 6) & 0xc0) | DECODE64(digit4); - ++len; } } } while -- cgit v1.2.3