davidmoreno / onion

C library to create simple HTTP servers and Web Applications.
http://www.coralbits.com/libonion/

Buffer overflow in onion_base64_decode() #262

Closed adamansky closed 4 years ago

adamansky commented 4 years ago

Please check:

```c
onion_base64_decode("11111", 0);
```

```
==7347== Invalid write of size 1
==7347==    at 0x1611E4: onion_base64_decode (codecs.c:109)
```

davidmoreno commented 4 years ago

Hi, I reworked how base64 is decoded, and should not give the error.

Actually your string is invalid base64, and onion_base64_decode now will return NULL if invalid data.

I also added many more test cases, including yours to the tests.

Do you mind checking if it fixes your problem?

Regards, David.
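
The behaviour described in this comment, as an added example that is not libonion's code and not part of the thread: a decoder that returns NULL on malformed input such as the 5-character string from the report, and that never writes past the buffer it sized. The name `checked_base64_decode` and its signature are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Map one base64 alphabet character to its 6-bit value, or -1 if invalid. */
static int b64_value(unsigned char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1; /* includes '=' anywhere other than the trailing padding */
}

/* Hypothetical helper (not libonion's API). Returns a malloc'd,
 * NUL-terminated buffer, or NULL on malformed input or allocation failure.
 * out_len may be NULL, as in the call from the report. */
char *checked_base64_decode(const char *in, size_t *out_len) {
    size_t n = strlen(in);
    if (n % 4 != 0) return NULL;          /* "11111" (length 5) stops here */
    size_t pad = 0;
    if (n > 0 && in[n - 1] == '=') {      /* n > 0 implies n >= 4 */
        pad = (in[n - 2] == '=') ? 2 : 1;
    }
    size_t len = n / 4 * 3 - pad;         /* exact decoded size */
    char *out = malloc(len + 1);
    if (!out) return NULL;
    size_t o = 0;
    for (size_t i = 0; i < n; i += 4) {
        unsigned long acc = 0;
        for (size_t j = 0; j < 4; j++) {
            /* Trailing padding contributes zero bits; everything else
             * must be a valid alphabet character. */
            int v = (i + j >= n - pad) ? 0 : b64_value((unsigned char)in[i + j]);
            if (v < 0) { free(out); return NULL; }
            acc = (acc << 6) | (unsigned long)v;
        }
        /* Every write is checked against the computed length. */
        if (o < len) out[o++] = (char)((acc >> 16) & 0xFF);
        if (o < len) out[o++] = (char)((acc >> 8) & 0xFF);
        if (o < len) out[o++] = (char)(acc & 0xFF);
    }
    out[len] = '\0';
    if (out_len) *out_len = len;
    return out;
}
```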

adamansky commented 4 years ago

Thank you a lot, David!