util/base64: check dest buf size to hold 3Bytes

The destination buffer should be able to hold at least 3 Bytes during
the processing of the last block of data. If it cannot hold at least 3
Bytes, then that may lead to dynamic buffer overflow while decoding.

diff --git a/src/util-base64.c b/src/util-base64.c
index c9831ddca17f66af6f7889cce11abaf39ccbfee2..f2b4ba149dfe83994af8db4719d2256a72c80d3f 100644 (file)
--- a/src/util-base64.c
+++ b/src/util-base64.c
@@ -165,6 +165,11 @@ Base64Ecode DecodeBase64(uint8_t *dest, uint32_t dest_size, const uint8_t *src,
             ecode = BASE64_ECODE_BUF;
             return ecode;
         }
+        /* if the destination size is not at least 3 Bytes long, it'll give a dynamic
+         * buffer overflow while decoding, so, return and let the caller take care of the
+         * remaining bytes to be decoded which should always be < 4 at this stage */
+        if (dest_size - *decoded_bytes < 3)
+            return BASE64_ECODE_BUF;
         *decoded_bytes += numDecoded_blk;
         DecodeBase64Block(dptr, b64);
         *consumed_bytes += bbidx;