From: Shivani Bhardwaj <shivani@oisf.net>
Date: Thu, 30 Mar 2023 07:24:29 +0000 (+0530)
Subject: util/base64: fix padding bytes for trailing data
X-Git-Tag: suricata-7.0.0~61
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=095c335c72befec2cfcd43390f86d116926bcd17;p=thirdparty%2Fsuricata.git

util/base64: fix padding bytes for trailing data

Padding bytes for the last remainder data should be as follows:

Case   |    Remainder bytes     |    Padding
----------------------------------------------
  I    |              1         |      3
  II   |              2         |      2
  III  |              3         |      1

However, we calculate the decoded_bytes with the formula:
decoded_bytes = ASCII_BLOCK - padding

this means for Case I when padding is 3 bytes, the decoded_bytes would
be 0. This is incorrect for any trailing data. In any of the above
cases, if the parsing was successful, there should at least be 1 decoded
byte.
---

diff --git a/src/util-base64.c b/src/util-base64.c
index 3a5754a074..b8434a564a 100644
--- a/src/util-base64.c
+++ b/src/util-base64.c
@@ -157,7 +157,8 @@ Base64Ecode DecodeBase64(uint8_t *dest, uint32_t dest_size, const uint8_t *src,
     }
 
     if (bbidx > 0 && bbidx < 4 && ((!valid && mode == BASE64_MODE_RFC4648))) {
-        padding = B64_BLOCK - bbidx;
+        /* Decoded bytes for 1 or 2 base64 encoded bytes is 1 */
+        padding = bbidx > 1 ? B64_BLOCK - bbidx : 2;
         *decoded_bytes += ASCII_BLOCK - padding;
         DecodeBase64Block(dptr, b64);
         *consumed_bytes += bbidx;