From: Shivani Bhardwaj Date: Mon, 31 Oct 2022 11:04:47 +0000 (+0530) Subject: util/base64: fix heap buffer overflow X-Git-Tag: suricata-6.0.9~4 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=433266b07670ebd31da650e81ab65b58fefcf7d0;p=thirdparty%2Fsuricata.git util/base64: fix heap buffer overflow While updating the destination pointer, we were also adding the padded bytes which are not a part of the decoded bytes. This led to running out of space on the destination buffer. Fix it by only incrementing destination buffer ptr by the number of actual bytes that were decoded. Ticket 5623 Ticket 5694 --- diff --git a/src/util-base64.c b/src/util-base64.c index 531dac3044..8cc8113039 100644 --- a/src/util-base64.c +++ b/src/util-base64.c @@ -143,7 +143,7 @@ Base64Ecode DecodeBase64(uint8_t *dest, uint32_t dest_size, const uint8_t *src, /* Decode base-64 block into ascii block and move pointer */ DecodeBase64Block(dptr, b64); - dptr += ASCII_BLOCK; + dptr += numDecoded_blk; *decoded_bytes += numDecoded_blk; /* Reset base-64 block and index */ bbidx = 0;