From: Jason Ish <ish@unx.ca>
Date: Wed, 14 Oct 2015 19:37:45 +0000 (-0600)
Subject: util-base64: strict mode - all characters must be valid
X-Git-Tag: suricata-3.0RC1~17
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9375e8fb3c5430d43f6f50d128ec24f1b48bc03e;p=thirdparty%2Fsuricata.git

util-base64: strict mode - all characters must be valid

Introduce a strict mode to base64 decode. If strict,
the function will fail when invalid input data is seen.
If not strict, what has been decoded will be returned.

This is in support of adding a Snort compatible base64_decode
rule option that uses whatever data can be decoded as a length
of data to decode is optional.
---

diff --git a/src/util-base64.c b/src/util-base64.c
index f4b508a019..45fdc01ab4 100644
--- a/src/util-base64.c
+++ b/src/util-base64.c
@@ -83,10 +83,13 @@ static inline void DecodeBase64Block(uint8_t ascii[ASCII_BLOCK], uint8_t b64[B64
  * \param dest The destination byte buffer
  * \param src The source string
  * \param len The length of the source string
+ * \param strict If set file on invalid byte, otherwise return what has been
+ *    decoded.
  *
  * \return Number of bytes decoded, or 0 if no data is decoded or it fails
  */
-uint32_t DecodeBase64(uint8_t *dest, const uint8_t *src, uint32_t len) {
+uint32_t DecodeBase64(uint8_t *dest, const uint8_t *src, uint32_t len,
+    int strict) {
 
     int val;
     uint32_t padding = 0, numDecoded = 0, bbidx = 0, valid = 1, i;
@@ -103,7 +106,9 @@ uint32_t DecodeBase64(uint8_t *dest, const uint8_t *src, uint32_t len) {
             /* Invalid character found, so decoding fails */
             if (src[i] != '=') {
                 valid = 0;
-                numDecoded = 0;
+                if (strict) {
+                    numDecoded = 0;
+                }
                 break;
             }
             padding++;
diff --git a/src/util-base64.h b/src/util-base64.h
index fb1a90a3b5..7c8bed6262 100644
--- a/src/util-base64.h
+++ b/src/util-base64.h
@@ -49,6 +49,7 @@
 #define B64_BLOCK           4
 
 /* Function prototypes */
-uint32_t DecodeBase64(uint8_t *dest, const uint8_t *src, uint32_t len);
+uint32_t DecodeBase64(uint8_t *dest, const uint8_t *src, uint32_t len,
+    int strict);
 
 #endif
diff --git a/src/util-decode-mime.c b/src/util-decode-mime.c
index 51d1468e55..ded4cd6044 100644
--- a/src/util-decode-mime.c
+++ b/src/util-decode-mime.c
@@ -1227,7 +1227,7 @@ static uint8_t ProcessBase64Remainder(const uint8_t *buf, uint32_t len,
     /* Only decode if divisible by 4 */
     if (state->bvr_len == B64_BLOCK || force) {
         remdec = DecodeBase64(state->data_chunk + state->data_chunk_len,
-                              state->bvremain, state->bvr_len);
+                              state->bvremain, state->bvr_len, 1);
         if (remdec > 0) {
 
             /* Track decoded length */
@@ -1329,7 +1329,7 @@ static int ProcessBase64BodyLine(const uint8_t *buf, uint32_t len,
             SCLogDebug("Decoding: %u", len - rem1 - rem2);
 
             numDecoded = DecodeBase64(state->data_chunk + state->data_chunk_len,
-                    buf + offset, tobuf);
+                    buf + offset, tobuf, 1);
             if (numDecoded > 0) {
 
                 /* Track decoded length */
@@ -2888,7 +2888,7 @@ static int MimeBase64DecodeTest01(void)
     if (dst == NULL)
         return 0;
 
-    ret = DecodeBase64(dst, (const uint8_t *)base64msg, strlen(base64msg));
+    ret = DecodeBase64(dst, (const uint8_t *)base64msg, strlen(base64msg), 1);
 
     if (memcmp(dst, msg, strlen(msg)) == 0) {
         ret = 0;