|
|
40c23b |
diff --git a/encoding/apr_base64.c b/encoding/apr_base64.c
|
|
|
40c23b |
index 1eed153..2803106 100644
|
|
|
40c23b |
--- a/encoding/apr_base64.c
|
|
|
40c23b |
+++ b/encoding/apr_base64.c
|
|
|
40c23b |
@@ -20,11 +20,20 @@
|
|
|
40c23b |
* ugly 'len' functions, which is quite a nasty cost.
|
|
|
40c23b |
*/
|
|
|
40c23b |
|
|
|
40c23b |
+#undef NDEBUG /* always abort() on assert()ion failure */
|
|
|
40c23b |
+#include <assert.h>
|
|
|
40c23b |
+
|
|
|
40c23b |
#include "apr_base64.h"
|
|
|
40c23b |
#if APR_CHARSET_EBCDIC
|
|
|
40c23b |
#include "apr_xlate.h"
|
|
|
40c23b |
#endif /* APR_CHARSET_EBCDIC */
|
|
|
40c23b |
|
|
|
40c23b |
+/* Above APR_BASE64_ENCODE_MAX length the encoding can't fit in an int >= 0 */
|
|
|
40c23b |
+#define APR_BASE64_ENCODE_MAX 1610612733
|
|
|
40c23b |
+
|
|
|
40c23b |
+/* Above APR_BASE64_DECODE_MAX length the decoding can't fit in an int >= 0 */
|
|
|
40c23b |
+#define APR_BASE64_DECODE_MAX 2863311524u
|
|
|
40c23b |
+
|
|
|
40c23b |
/* aaaack but it's fast and const should make it shared text page. */
|
|
|
40c23b |
static const unsigned char pr2six[256] =
|
|
|
40c23b |
{
|
|
|
40c23b |
@@ -109,7 +118,6 @@ APU_DECLARE(apr_status_t) apr_base64init_ebcdic(apr_xlate_t *to_ascii,
|
|
|
40c23b |
|
|
|
40c23b |
APU_DECLARE(int) apr_base64_decode_len(const char *bufcoded)
|
|
|
40c23b |
{
|
|
|
40c23b |
- int nbytesdecoded;
|
|
|
40c23b |
register const unsigned char *bufin;
|
|
|
40c23b |
register apr_size_t nprbytes;
|
|
|
40c23b |
|
|
|
40c23b |
@@ -117,16 +125,16 @@ APU_DECLARE(int) apr_base64_decode_len(const char *bufcoded)
|
|
|
40c23b |
while (pr2six[*(bufin++)] <= 63);
|
|
|
40c23b |
|
|
|
40c23b |
nprbytes = (bufin - (const unsigned char *) bufcoded) - 1;
|
|
|
40c23b |
- nbytesdecoded = (((int)nprbytes + 3) / 4) * 3;
|
|
|
40c23b |
+ assert(nprbytes <= APR_BASE64_DECODE_MAX);
|
|
|
40c23b |
|
|
|
40c23b |
- return nbytesdecoded + 1;
|
|
|
40c23b |
+ return (int)(((nprbytes + 3u) / 4u) * 3u + 1u);
|
|
|
40c23b |
}
|
|
|
40c23b |
|
|
|
40c23b |
APU_DECLARE(int) apr_base64_decode(char *bufplain, const char *bufcoded)
|
|
|
40c23b |
{
|
|
|
40c23b |
#if APR_CHARSET_EBCDIC
|
|
|
40c23b |
apr_size_t inbytes_left, outbytes_left;
|
|
|
40c23b |
-#endif /* APR_CHARSET_EBCDIC */
|
|
|
40c23b |
+#endif /* APR_CHARSET_EBCDIC */
|
|
|
40c23b |
int len;
|
|
|
40c23b |
|
|
|
40c23b |
len = apr_base64_decode_binary((unsigned char *) bufplain, bufcoded);
|
|
|
40c23b |
@@ -153,12 +161,13 @@ APU_DECLARE(int) apr_base64_decode_binary(unsigned char *bufplain,
|
|
|
40c23b |
bufin = (const unsigned char *) bufcoded;
|
|
|
40c23b |
while (pr2six[*(bufin++)] <= 63);
|
|
|
40c23b |
nprbytes = (bufin - (const unsigned char *) bufcoded) - 1;
|
|
|
40c23b |
- nbytesdecoded = (((int)nprbytes + 3) / 4) * 3;
|
|
|
40c23b |
+ assert(nprbytes <= APR_BASE64_DECODE_MAX);
|
|
|
40c23b |
+ nbytesdecoded = (int)(((nprbytes + 3u) / 4u) * 3u);
|
|
|
40c23b |
|
|
|
40c23b |
bufout = (unsigned char *) bufplain;
|
|
|
40c23b |
bufin = (const unsigned char *) bufcoded;
|
|
|
40c23b |
|
|
|
40c23b |
- while (nprbytes > 4) {
|
|
|
40c23b |
+ while (nprbytes >= 4) {
|
|
|
40c23b |
*(bufout++) =
|
|
|
40c23b |
(unsigned char) (pr2six[*bufin] << 2 | pr2six[bufin[1]] >> 4);
|
|
|
40c23b |
*(bufout++) =
|
|
|
40c23b |
@@ -178,13 +187,8 @@ APU_DECLARE(int) apr_base64_decode_binary(unsigned char *bufplain,
|
|
|
40c23b |
*(bufout++) =
|
|
|
40c23b |
(unsigned char) (pr2six[bufin[1]] << 4 | pr2six[bufin[2]] >> 2);
|
|
|
40c23b |
}
|
|
|
40c23b |
- if (nprbytes > 3) {
|
|
|
40c23b |
- *(bufout++) =
|
|
|
40c23b |
- (unsigned char) (pr2six[bufin[2]] << 6 | pr2six[bufin[3]]);
|
|
|
40c23b |
- }
|
|
|
40c23b |
|
|
|
40c23b |
- nbytesdecoded -= (4 - (int)nprbytes) & 3;
|
|
|
40c23b |
- return nbytesdecoded;
|
|
|
40c23b |
+ return nbytesdecoded - (int)((4u - nprbytes) & 3u);
|
|
|
40c23b |
}
|
|
|
40c23b |
|
|
|
40c23b |
static const char basis_64[] =
|
|
|
40c23b |
@@ -192,6 +196,8 @@ static const char basis_64[] =
|
|
|
40c23b |
|
|
|
40c23b |
APU_DECLARE(int) apr_base64_encode_len(int len)
|
|
|
40c23b |
{
|
|
|
40c23b |
+ assert(len >= 0 && len <= APR_BASE64_ENCODE_MAX);
|
|
|
40c23b |
+
|
|
|
40c23b |
return ((len + 2) / 3 * 4) + 1;
|
|
|
40c23b |
}
|
|
|
40c23b |
|
|
|
40c23b |
@@ -203,6 +209,8 @@ APU_DECLARE(int) apr_base64_encode(char *encoded, const char *string, int len)
|
|
|
40c23b |
int i;
|
|
|
40c23b |
char *p;
|
|
|
40c23b |
|
|
|
40c23b |
+ assert(len >= 0 && len <= APR_BASE64_ENCODE_MAX);
|
|
|
40c23b |
+
|
|
|
40c23b |
p = encoded;
|
|
|
40c23b |
for (i = 0; i < len - 2; i += 3) {
|
|
|
40c23b |
*p++ = basis_64[(os_toascii[string[i]] >> 2) & 0x3F];
|
|
|
40c23b |
@@ -227,7 +235,7 @@ APU_DECLARE(int) apr_base64_encode(char *encoded, const char *string, int len)
|
|
|
40c23b |
}
|
|
|
40c23b |
|
|
|
40c23b |
*p++ = '\0';
|
|
|
40c23b |
- return p - encoded;
|
|
|
40c23b |
+ return (unsigned int)(p - encoded);
|
|
|
40c23b |
#endif /* APR_CHARSET_EBCDIC */
|
|
|
40c23b |
}
|
|
|
40c23b |
|
|
|
40c23b |
@@ -240,6 +248,8 @@ APU_DECLARE(int) apr_base64_encode_binary(char *encoded,
|
|
|
40c23b |
int i;
|
|
|
40c23b |
char *p;
|
|
|
40c23b |
|
|
|
40c23b |
+ assert(len >= 0 && len <= APR_BASE64_ENCODE_MAX);
|
|
|
40c23b |
+
|
|
|
40c23b |
p = encoded;
|
|
|
40c23b |
for (i = 0; i < len - 2; i += 3) {
|
|
|
40c23b |
*p++ = basis_64[(string[i] >> 2) & 0x3F];
|
|
|
40c23b |
@@ -264,5 +274,5 @@ APU_DECLARE(int) apr_base64_encode_binary(char *encoded,
|
|
|
40c23b |
}
|
|
|
40c23b |
|
|
|
40c23b |
*p++ = '\0';
|
|
|
40c23b |
- return (int)(p - encoded);
|
|
|
40c23b |
+ return (unsigned int)(p - encoded);
|
|
|
40c23b |
}
|