github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix invalid memory write on base64 forgiven decode

Browse Source
This commit is contained in:
Felipe Zimmerle 2016-06-16 12:26:05 -03:00
parent 7be5fde62a
commit a4c7d534f2
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/utils/base64.cc
View File

@ -186,8 +186,8 @@ void Base64::decode_forgiven_engine(unsigned char *plain_text,
}
i++;
}
k = j;
if (ch == b64_pad) {
switch(i % 4) {
case 1:
@ -206,7 +206,11 @@ void Base64::decode_forgiven_engine(unsigned char *plain_text,
plain_text[j] = '\0';
}
*aiming_size = j;
if (plain_text_size == 0) {
*aiming_size = k + 1;
} else {
*aiming_size = j;
}
}