]> git.ipfire.org Git - thirdparty/openvpn.git/commitdiff
projects / thirdparty / openvpn.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d6865ba)
Remove quadratic complexity from openvpn_base64_decode()
authorJann Horn <jann@thejh.net>
Wed, 16 Jul 2014 19:55:42 +0000 (21:55 +0200)
committerGert Doering <gert@greenie.muc.de>
Sun, 14 Sep 2014 18:52:27 +0000 (20:52 +0200)
Every four input characters, openvpn_base64_decode called token_decode,
which in turn called strlen() on the remaining input. This means that
base64 decoding in openvpn had quadratic complexity.

All we really need to know is whether the token is complete, so replace
the check to check just that, and make the complexity linear wrt the
input length.

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <5408494D.7050407@fox-it.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/9016
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 25e1ec71dd150e803c0a25308c193fea124c7b7a)

src/openvpn/base64.c patch | blob | blame | history

diff --git a/src/openvpn/base64.c b/src/openvpn/base64.c
index bb89aae38062bfd0912abffe85e9c169637a739a..7dccec299e4bc6837e0f8d6a64f0a0293cff5921 100644 (file)
--- a/src/openvpn/base64.c
+++ b/src/openvpn/base64.c
@@ -110,7 +110,7 @@ token_decode(const char *token)
     int i;
     unsigned int val = 0;
     int marker = 0;
-    if (strlen(token) < 4)
+    if (!token[0] || !token[1] || !token[2] || !token[3])
        return DECODE_ERROR;
     for (i = 0; i < 4; i++) {
        val *= 64;
Mirror of https://github.com/OpenVPN/openvpn.git