OSSP CVS Repository

ossp - Check-in [4291]
Not logged in
[Honeypot]  [Browse]  [Home]  [Login]  [Reports
[Search]  [Ticket]  [Timeline
  [Patchset]  [Tagging/Branching

Check-in Number: 4291
Date: 2001-Aug-08 11:23:39 (local)
2001-Aug-08 09:23:39 (UTC)
User:simons
Branch:
Comment: base64_decode() did not honor the srclen parameter properly but depended on the src buffer to be terminated by a null byte. This is fixed now.
Tickets:
Inspections:
Files:
ossp-pkg/xds/xml-decode-octetstream.c      1.1 -> 1.2     12 inserted, 14 deleted

ossp-pkg/xds/xml-decode-octetstream.c 1.1 -> 1.2

--- xml-decode-octetstream.c     2001/08/02 17:24:50     1.1
+++ xml-decode-octetstream.c     2001/08/08 09:23:39     1.2
@@ -105,7 +105,6 @@
 
     if (ch == xds_pad64)
         {          /* We got a pad char. */
-        ch = *src++;            /* Skip it, get next. */
         switch (state)
             {
             case 0:             /* Invalid = in first position */
@@ -113,22 +112,29 @@
                 return -1;
             case 2:             /* Valid, means one byte of info */
                 /* Skip any number of spaces. */
-                for (; ch != '\0'; ch = *src++)
+                while(srclen > 0)
+                    {
+                    ch = *src++;
+                    --srclen;
                     if (!(isascii(ch) && isspace(ch)))
                         break;
+                    }
                 /* Make sure there is another trailing = sign. */
                 if (ch != xds_pad64)
                     return -1;
-                ch = *src++;        /* Skip the = */
                 /* FALLTHROUGH */
             case 3:             /* Valid, means two bytes of info */
                 /*
                  * We know this char is an =.  Is there anything but
                  * whitespace after it?
                  */
-                for (; ch != '\0'; ch = *src++)
+                while(srclen > 0)
+                    {
+                    ch = *src++;
+                    --srclen;
                     if (!(isascii(ch) && isspace(ch)))
                         return -1;
+                    }
                 /*
                  * Now make sure for cases 2 and 3 that the "extra"
                  * bits that slopped past the last full byte were
@@ -192,23 +198,16 @@
         p = (char*)buffer + 13;
         }
 
-    /* Now find out how long the decoded data is going to be and
-       allocate a buffer for it. */
+    /* Now find out how long the decoded data is going to be, allocate
+       a buffer for it, and decode away. */
 
-    p[p_len] = '\0';
     *data_len = base64_decode(NULL, 0, p, p_len);
-    p[p_len] = '<';
     if (*data_len == (size_t)-1)
         return XDS_ERR_UNKNOWN;
     *data = malloc(*data_len);
     if (*data == NULL)
         return XDS_ERR_NO_MEM;
-
-    /* Decode the data. */
-
-    p[p_len] = '\0';
     base64_decode(*data, *data_len, p, p_len);
-    p[p_len] = '<';
 
     /* Check that we have a closing tag. */
 
@@ -223,4 +222,3 @@
     *used_buffer_size = 13 + p_len + 14;
     return XDS_OK;
     }
-

CVSTrac 2.0.1