oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(base64_encode): bound input length to /4 of max int and positive

Browse Source
This commit is contained in:
Love Hornquist Astrand
2009-07-30 10:36:39 +02:00
parent dfffe6d567
commit c8b05eef61
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/roken/base64.c
View File

@@ -58,6 +58,11 @@ base64_encode(const void *data, int size, char **str)
int c; int c;
const unsigned char *q; const unsigned char *q;
if (size > INT_MAX/4 || size < 0) {
*str = NULL;
return -1;
}
p = s = (char *) malloc(size * 4 / 3 + 4); p = s = (char *) malloc(size * 4 / 3 + 4);
if (p == NULL) { if (p == NULL) {
*str = NULL; *str = NULL;