From: Daniel Stenberg Date: Fri, 19 Sep 2025 11:47:16 +0000 (+0200) Subject: base64: accept zero length argument to base64_encode X-Git-Tag: rc-8_17_0-2~449 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5e2d4d790575d4ad0381c4862f5e435a3b6532d1;p=thirdparty%2Fcurl.git base64: accept zero length argument to base64_encode We used to treat 0 as "call strlen() to get the length" for curlx_base64_encode, but it turns out this is rather fragile as we easily do the mistake of passing in zero when the data is actually not there and then calling strlen() is wrong. Force the caller to pass in the correct size. A zero length input string now returns a zero length output and a NULL pointer. Closes #18617 --- diff --git a/lib/curlx/base64.c b/lib/curlx/base64.c index dc6e9c001c..5f6887bd5c 100644 --- a/lib/curlx/base64.c +++ b/lib/curlx/base64.c @@ -182,7 +182,7 @@ static CURLcode base64_encode(const char *table64, *outlen = 0; if(!insize) - insize = strlen(inputbuff); + return CURLE_OK; #if SIZEOF_SIZE_T == 4 if(insize > UINT_MAX/4) @@ -240,8 +240,6 @@ static CURLcode base64_encode(const char *table64, * encoded data. Size of encoded data is returned in variable pointed by * outlen. * - * Input length of 0 indicates input buffer holds a null-terminated string. - * * Returns CURLE_OK on success, otherwise specific error code. Function * output shall not be considered valid unless CURLE_OK is returned. * diff --git a/tests/unit/unit1302.c b/tests/unit/unit1302.c index 54693631ff..a1676699f2 100644 --- a/tests/unit/unit1302.c +++ b/tests/unit/unit1302.c @@ -172,7 +172,7 @@ static CURLcode test_unit1302(const char *arg) fprintf(stderr, "Test %u URL encoded output length %d instead of %d\n", i, (int)olen, (int)e->olen); } - if(memcmp(out, e->output, e->olen)) { + if(out && memcmp(out, e->output, e->olen)) { fprintf(stderr, "Test %u URL encoded badly. Got '%s', expected '%s'\n", i, out, e->output); unitfail++;