avoid zero length array in base64_decode

2025-01-31 02:46:58 +00:00 · 2020-06-10 23:26:05 +08:00 · 2020-06-10 23:26:05 +08:00 · d14ebdbf0e
commit d14ebdbf0e
parent 4b305c5721
1 changed files with 9 additions and 3 deletions
--- a/libtomcrypt/src/misc/base64/base64_decode.c
+++ b/libtomcrypt/src/misc/base64/base64_decode.c
@ -43,8 +43,8 @@ static const unsigned char map_base64[256] = {
 255, 255, 255, 255 };
 #endif /* LTC_BASE64 */

-static const unsigned char map_base64url[] = {
 #if defined(LTC_BASE64_URL)
+static const unsigned char map_base64url[] = {
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
@ -67,8 +67,8 @@ static const unsigned char map_base64url[] = {
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255
-#endif /* LTC_BASE64_URL */
 };
+#endif /* LTC_BASE64_URL */

 enum {
   relaxed = 0,
@ -117,8 +117,14 @@ static int _base64_decode_internal(const unsigned char *in,  unsigned long inlen
   }

   if (y != 0) {
+      int allow_b64url = 0;
+#ifdef LTC_BASE64_URL
+      if (map == map_base64url) {
+        allow_b64url = 1;
+      }
+#endif
      if (y == 1) return CRYPT_INVALID_PACKET;
-      if ((y + g) != 4 && is_strict && map != map_base64url) return CRYPT_INVALID_PACKET;
+      if ((y + g) != 4 && is_strict && !allow_b64url) return CRYPT_INVALID_PACKET;
      t = t << (6 * (4 - y));
      if (z + y - 1 > *outlen) return CRYPT_BUFFER_OVERFLOW;
      if (y >= 2) out[z++] = (unsigned char) ((t >> 16) & 255);