diff options
Diffstat (limited to 'meta-oe/recipes-support/libb64/libb64/0003-fix-integer-overflows.patch')
-rw-r--r-- | meta-oe/recipes-support/libb64/libb64/0003-fix-integer-overflows.patch | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/libb64/libb64/0003-fix-integer-overflows.patch b/meta-oe/recipes-support/libb64/libb64/0003-fix-integer-overflows.patch new file mode 100644 index 0000000000..8854bb6af4 --- /dev/null +++ b/meta-oe/recipes-support/libb64/libb64/0003-fix-integer-overflows.patch @@ -0,0 +1,77 @@ +From 7b30fbc3d47dfaf38d8ce8b8949a69d2984dac76 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sat, 27 Mar 2021 22:06:03 -0700 +Subject: [PATCH] fix integer overflows + +Author: Jakub Wilk <jwilk@debian.org> +Bug: http://sourceforge.net/tracker/?func=detail&aid=3591129&group_id=152942&atid=785907 + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/cdecode.c | 15 ++++++++------- + 1 file changed, 8 insertions(+), 7 deletions(-) + +diff --git a/src/cdecode.c b/src/cdecode.c +index a6c0a42..4e47e9f 100644 +--- a/src/cdecode.c ++++ b/src/cdecode.c +@@ -9,10 +9,11 @@ For details, see http://sourceforge.net/projects/libb64 + + int base64_decode_value(char value_in) + { +- static const char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; ++ static const signed char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; + static const char decoding_size = sizeof(decoding); ++ if (value_in < 43) return -1; + value_in -= 43; +- if (value_in < 0 || value_in >= decoding_size) return -1; ++ if (value_in > decoding_size) return -1; + return decoding[(int)value_in]; + } + +@@ -26,7 +27,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex + { + const char* codechar = code_in; + char* plainchar = plaintext_out; +- char fragment; ++ int fragment; + + *plainchar = state_in->plainchar; + +@@ -42,7 +43,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex + state_in->plainchar = *plainchar; + return plainchar - plaintext_out; + } +- fragment = (char)base64_decode_value(*codechar++); ++ fragment = base64_decode_value(*codechar++); + } while (fragment < 0); + *plainchar = (fragment & 0x03f) << 2; + case step_b: +@@ -53,7 +54,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex + state_in->plainchar = *plainchar; + return plainchar - plaintext_out; + } +- fragment = (char)base64_decode_value(*codechar++); ++ fragment = base64_decode_value(*codechar++); + } while (fragment < 0); + *plainchar++ |= (fragment & 0x030) >> 4; + *plainchar = (fragment & 0x00f) << 4; +@@ -65,7 +66,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex + state_in->plainchar = *plainchar; + return plainchar - plaintext_out; + } +- fragment = (char)base64_decode_value(*codechar++); ++ fragment = base64_decode_value(*codechar++); + } while (fragment < 0); + *plainchar++ |= (fragment & 0x03c) >> 2; + *plainchar = (fragment & 0x003) << 6; +@@ -77,7 +78,7 @@ int base64_decode_block(const char* code_in, const int length_in, char* plaintex + state_in->plainchar = *plainchar; + return plainchar - plaintext_out; + } +- fragment = (char)base64_decode_value(*codechar++); ++ fragment = base64_decode_value(*codechar++); + } while (fragment < 0); + *plainchar++ |= (fragment & 0x03f); + } |