From: Shivani Bhardwaj Date: Thu, 30 Mar 2023 07:43:08 +0000 (+0530) Subject: util/base64: check dest buf size to hold 3Bytes X-Git-Tag: suricata-7.0.0~59 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=62d782156caddec0b4ca795d7236c6483d02efff;p=thirdparty%2Fsuricata.git util/base64: check dest buf size to hold 3Bytes The destination buffer should be able to hold at least 3 Bytes during the processing of the last block of data. If it cannot hold at least 3 Bytes, then that may lead to dynamic buffer overflow while decoding. --- diff --git a/src/util-base64.c b/src/util-base64.c index c9831ddca1..f2b4ba149d 100644 --- a/src/util-base64.c +++ b/src/util-base64.c @@ -165,6 +165,11 @@ Base64Ecode DecodeBase64(uint8_t *dest, uint32_t dest_size, const uint8_t *src, ecode = BASE64_ECODE_BUF; return ecode; } + /* if the destination size is not at least 3 Bytes long, it'll give a dynamic + * buffer overflow while decoding, so, return and let the caller take care of the + * remaining bytes to be decoded which should always be < 4 at this stage */ + if (dest_size - *decoded_bytes < 3) + return BASE64_ECODE_BUF; *decoded_bytes += numDecoded_blk; DecodeBase64Block(dptr, b64); *consumed_bytes += bbidx;