#2 integer overflows

open
nobody
None
5
2016-05-25
2012-11-29
Jakub Wilk
No

The attached patch fixes integers overflows in the decoder.
The first hunk is needed for systems with signed chars (e.g. i386).
The other hunks fix the decoder on unsigned-char systems (on which it's currently completely broken).

Discussion

  • Jakub Wilk

    Jakub Wilk - 2012-11-30

    Sorry, the initial patch didn't fix all the problems on unsiged char architectures. In particular, "=" decoding was still broken there. I'll attach a fixed patch in a moment.

     
  • Jonathan Wakely

    Jonathan Wakely - 2016-05-24

    This patch doesn't fix the off-by-one error in base64_decode_value that causes undefined behaviour if you call base64_decode_value(123)

     

Log in to post a comment.