From: Shivani Bhardwaj Date: Thu, 3 Dec 2020 11:30:17 +0000 (+0530) Subject: output: use BASE64_BUFFER_SIZE macro X-Git-Tag: suricata-6.0.1~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ea0936199d142fc52ec69baf7984cbdd92dd4705;p=thirdparty%2Fsuricata.git output: use BASE64_BUFFER_SIZE macro Base64Encode function requires the maximum length of the output string as its last parameter. Use the macro BASE64_BUFFER_SIZE to calculate it correctly. --- diff --git a/src/log-tlsstore.c b/src/log-tlsstore.c index 8bf5d28573..3d50f5ca2d 100644 --- a/src/log-tlsstore.c +++ b/src/log-tlsstore.c @@ -123,7 +123,7 @@ static void LogTlsLogPem(LogTlsStoreLogThread *aft, const Packet *p, SSLState *s } TAILQ_FOREACH(cert, &state->server_connp.certs, next) { - pemlen = (4 * (cert->cert_len + 2) / 3) +1; + pemlen = BASE64_BUFFER_SIZE(cert->cert_len); if (pemlen > aft->enc_buf_len) { ptmp = (uint8_t*) SCRealloc(aft->enc_buf, sizeof(uint8_t) * pemlen); if (ptmp == NULL) { diff --git a/src/output-json-alert.c b/src/output-json-alert.c index dc2714669f..c0db7ef084 100644 --- a/src/output-json-alert.c +++ b/src/output-json-alert.c @@ -423,7 +423,7 @@ static void AlertJsonTunnel(const Packet *p, JsonBuilder *js) static void AlertAddPayload(AlertJsonOutputCtx *json_output_ctx, JsonBuilder *js, const Packet *p) { if (json_output_ctx->flags & LOG_JSON_PAYLOAD_BASE64) { - unsigned long len = p->payload_len * 2 + 1; + unsigned long len = BASE64_BUFFER_SIZE(p->payload_len); uint8_t encoded[len]; if (Base64Encode(p->payload, p->payload_len, encoded, &len) == SC_BASE64_OK) { jb_set_string(js, "payload", (char *)encoded); @@ -673,7 +673,7 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p) (void *)payload); if (payload->offset) { if (json_output_ctx->flags & LOG_JSON_PAYLOAD_BASE64) { - unsigned long len = json_output_ctx->payload_buffer_size * 2; + unsigned long len = BASE64_BUFFER_SIZE(json_output_ctx->payload_buffer_size); uint8_t encoded[len]; Base64Encode(payload->buffer, payload->offset, encoded, &len); jb_set_string(jb, "payload", (char *)encoded); diff --git a/src/output-json-dnp3-objects.c b/src/output-json-dnp3-objects.c index fbd8144255..01e18dd7f4 100644 --- a/src/output-json-dnp3-objects.c +++ b/src/output-json-dnp3-objects.c @@ -1502,7 +1502,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, jb_set_string(js, "data->vendor_code", data->vendor_code); jb_set_uint(js, "object_id", data->object_id); jb_set_uint(js, "length", data->length); - unsigned long data_objects_b64_len = data->length * 2; + unsigned long data_objects_b64_len = BASE64_BUFFER_SIZE(data->length); uint8_t data_objects_b64[data_objects_b64_len]; Base64Encode(data->data_objects, data->length, data_objects_b64, &data_objects_b64_len); @@ -1532,7 +1532,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, jb_set_uint(js, "usr", data->usr); jb_set_uint(js, "mal", data->mal); jb_set_uint(js, "reason", data->reason); - unsigned long challenge_data_b64_len = data->challenge_data_len * 2; + unsigned long challenge_data_b64_len = BASE64_BUFFER_SIZE(data->challenge_data_len); uint8_t challenge_data_b64[challenge_data_b64_len]; Base64Encode(data->challenge_data, data->challenge_data_len, challenge_data_b64, &challenge_data_b64_len); @@ -1543,7 +1543,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, DNP3ObjectG120V2 *data = point->data; jb_set_uint(js, "csq", data->csq); jb_set_uint(js, "usr", data->usr); - unsigned long mac_value_b64_len = data->mac_value_len * 2; + unsigned long mac_value_b64_len = BASE64_BUFFER_SIZE(data->mac_value_len); uint8_t mac_value_b64[mac_value_b64_len]; Base64Encode(data->mac_value, data->mac_value_len, mac_value_b64, &mac_value_b64_len); @@ -1569,12 +1569,12 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, jb_set_uint(js, "key_status", data->key_status); jb_set_uint(js, "mal", data->mal); jb_set_uint(js, "challenge_data_len", data->challenge_data_len); - unsigned long challenge_data_b64_len = data->challenge_data_len * 2; + unsigned long challenge_data_b64_len = BASE64_BUFFER_SIZE(data->challenge_data_len); uint8_t challenge_data_b64[challenge_data_b64_len]; Base64Encode(data->challenge_data, data->challenge_data_len, challenge_data_b64, &challenge_data_b64_len); jb_set_string(js, "data->challenge_data", (char *)challenge_data_b64); - unsigned long mac_value_b64_len = data->mac_value_len * 2; + unsigned long mac_value_b64_len = BASE64_BUFFER_SIZE(data->mac_value_len); uint8_t mac_value_b64[mac_value_b64_len]; Base64Encode(data->mac_value, data->mac_value_len, mac_value_b64, &mac_value_b64_len); @@ -1585,7 +1585,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, DNP3ObjectG120V6 *data = point->data; jb_set_uint(js, "ksq", data->ksq); jb_set_uint(js, "usr", data->usr); - unsigned long wrapped_key_data_b64_len = data->wrapped_key_data_len * 2; + unsigned long wrapped_key_data_b64_len = BASE64_BUFFER_SIZE(data->wrapped_key_data_len); uint8_t wrapped_key_data_b64[wrapped_key_data_b64_len]; Base64Encode(data->wrapped_key_data, data->wrapped_key_data_len, wrapped_key_data_b64, &wrapped_key_data_b64_len); @@ -1615,7 +1615,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, DNP3ObjectG120V8 *data = point->data; jb_set_uint(js, "key_change_method", data->key_change_method); jb_set_uint(js, "certificate_type", data->certificate_type); - unsigned long certificate_b64_len = data->certificate_len * 2; + unsigned long certificate_b64_len = BASE64_BUFFER_SIZE(data->certificate_len); uint8_t certificate_b64[certificate_b64_len]; Base64Encode(data->certificate, data->certificate_len, certificate_b64, &certificate_b64_len); @@ -1624,7 +1624,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, } case DNP3_OBJECT_CODE(120, 9): { DNP3ObjectG120V9 *data = point->data; - unsigned long mac_value_b64_len = data->mac_value_len * 2; + unsigned long mac_value_b64_len = BASE64_BUFFER_SIZE(data->mac_value_len); uint8_t mac_value_b64[mac_value_b64_len]; Base64Encode(data->mac_value, data->mac_value_len, mac_value_b64, &mac_value_b64_len); @@ -1651,12 +1651,12 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, } else { jb_set_string(js, "username", ""); } - unsigned long user_public_key_b64_len = data->user_public_key_len * 2; + unsigned long user_public_key_b64_len = BASE64_BUFFER_SIZE(data->user_public_key_len); uint8_t user_public_key_b64[user_public_key_b64_len]; Base64Encode(data->user_public_key, data->user_public_key_len, user_public_key_b64, &user_public_key_b64_len); jb_set_string(js, "data->user_public_key", (char *)user_public_key_b64); - unsigned long certification_data_b64_len = data->certification_data_len * 2; + unsigned long certification_data_b64_len = BASE64_BUFFER_SIZE(data->certification_data_len); uint8_t certification_data_b64[certification_data_b64_len]; Base64Encode(data->certification_data, data->certification_data_len, certification_data_b64, &certification_data_b64_len); @@ -1678,7 +1678,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, } else { jb_set_string(js, "username", ""); } - unsigned long master_challenge_data_b64_len = data->master_challenge_data_len * 2; + unsigned long master_challenge_data_b64_len = BASE64_BUFFER_SIZE(data->master_challenge_data_len); uint8_t master_challenge_data_b64[master_challenge_data_b64_len]; Base64Encode(data->master_challenge_data, data->master_challenge_data_len, master_challenge_data_b64, &master_challenge_data_b64_len); @@ -1690,7 +1690,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, jb_set_uint(js, "ksq", data->ksq); jb_set_uint(js, "user_number", data->user_number); jb_set_uint(js, "challenge_data_len", data->challenge_data_len); - unsigned long challenge_data_b64_len = data->challenge_data_len * 2; + unsigned long challenge_data_b64_len = BASE64_BUFFER_SIZE(data->challenge_data_len); uint8_t challenge_data_b64[challenge_data_b64_len]; Base64Encode(data->challenge_data, data->challenge_data_len, challenge_data_b64, &challenge_data_b64_len); @@ -1702,7 +1702,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, jb_set_uint(js, "ksq", data->ksq); jb_set_uint(js, "user_number", data->user_number); jb_set_uint(js, "encrypted_update_key_len", data->encrypted_update_key_len); - unsigned long encrypted_update_key_data_b64_len = data->encrypted_update_key_len * 2; + unsigned long encrypted_update_key_data_b64_len = BASE64_BUFFER_SIZE(data->encrypted_update_key_len); uint8_t encrypted_update_key_data_b64[encrypted_update_key_data_b64_len]; Base64Encode(data->encrypted_update_key_data, data->encrypted_update_key_len, encrypted_update_key_data_b64, &encrypted_update_key_data_b64_len); @@ -1711,7 +1711,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, } case DNP3_OBJECT_CODE(120, 14): { DNP3ObjectG120V14 *data = point->data; - unsigned long digital_signature_b64_len = data->digital_signature_len * 2; + unsigned long digital_signature_b64_len = BASE64_BUFFER_SIZE(data->digital_signature_len); uint8_t digital_signature_b64[digital_signature_b64_len]; Base64Encode(data->digital_signature, data->digital_signature_len, digital_signature_b64, &digital_signature_b64_len); @@ -1720,7 +1720,7 @@ void OutputJsonDNP3SetItem(JsonBuilder *js, DNP3Object *object, } case DNP3_OBJECT_CODE(120, 15): { DNP3ObjectG120V15 *data = point->data; - unsigned long mac_b64_len = data->mac_len * 2; + unsigned long mac_b64_len = BASE64_BUFFER_SIZE(data->mac_len); uint8_t mac_b64[mac_b64_len]; Base64Encode(data->mac, data->mac_len, mac_b64, &mac_b64_len); diff --git a/src/output-json-http.c b/src/output-json-http.c index 1ec79349ad..585a303681 100644 --- a/src/output-json-http.c +++ b/src/output-json-http.c @@ -434,7 +434,7 @@ static void BodyBase64Buffer(JsonBuilder *js, HtpBody *body, const char *key) return; } - unsigned long len = body_data_len * 2 + 1; + unsigned long len = BASE64_BUFFER_SIZE(body_data_len); uint8_t encoded[len]; if (Base64Encode(body_data, body_data_len, encoded, &len) == SC_BASE64_OK) { jb_set_string(js, key, (char *)encoded); diff --git a/src/output-json-tls.c b/src/output-json-tls.c index 90a83522f4..3bf30a8058 100644 --- a/src/output-json-tls.c +++ b/src/output-json-tls.c @@ -261,7 +261,7 @@ static void JsonTlsLogCertificate(JsonBuilder *js, SSLState *ssl_state) return; } - unsigned long len = cert->cert_len * 2; + unsigned long len = BASE64_BUFFER_SIZE(cert->cert_len); uint8_t encoded[len]; if (Base64Encode(cert->cert_data, cert->cert_len, encoded, &len) == SC_BASE64_OK) { @@ -279,7 +279,7 @@ static void JsonTlsLogChain(JsonBuilder *js, SSLState *ssl_state) SSLCertsChain *cert; TAILQ_FOREACH(cert, &ssl_state->server_connp.certs, next) { - unsigned long len = cert->cert_len * 2; + unsigned long len = BASE64_BUFFER_SIZE(cert->cert_len); uint8_t encoded[len]; if (Base64Encode(cert->cert_data, cert->cert_len, encoded, &len) == SC_BASE64_OK) { diff --git a/src/output-json.c b/src/output-json.c index ce7250b75c..57b4222002 100644 --- a/src/output-json.c +++ b/src/output-json.c @@ -465,7 +465,7 @@ void EveAddCommonOptions(const OutputJsonCommonSettings *cfg, void EvePacket(const Packet *p, JsonBuilder *js, unsigned long max_length) { unsigned long max_len = max_length == 0 ? GET_PKT_LEN(p) : max_length; - unsigned long len = 2 * max_len; + unsigned long len = BASE64_BUFFER_SIZE(max_len); uint8_t encoded_packet[len]; if (Base64Encode((unsigned char*) GET_PKT_DATA(p), max_len, encoded_packet, &len) == SC_BASE64_OK) { jb_set_string(js, "packet", (char *)encoded_packet);