overflow in b64_encode
tim-napoli opened this issue
tim-napoli commented
Hi,
in your function you're writing this:
enc = realloc(size);
enc[size++] = something;
This is wrong. If you allocate n bytes, you cannot access the nth first bytes of the allocated array (think using size = 1).
You need to allocate n + 1. And check the end of the function, you have another invalid write there (just use b64_encode with valgrind).
I have fixed that using static strings.
I prefer a function with this signature:
/*
* Encode some data in b64.
* @param src Pointer to the content to encode
* @param len Content's length
* @param dst Pointer to the encoded result string (NULL-terminated)
* @param dst_size Maximal size of the dst content.
* @return Some error if `dst_size` is lower than the required decoded content length.
*/
int b64_encode(const char* src, size_t len, char* dst, size_t dst_size);
This way your implementation doesn't allocate anything by itself, discharging this responsibility to the caller.
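An added example, not part of the comment above and not the project's code: one way to implement the proposed caller-supplied-buffer signature so that no write can land past `dst_size`. The `0` / `-1` return convention and the helper `b64_encoded_size` are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical helper: bytes needed for the encoded string, including the
 * trailing NUL. Returns 0 if the computation would overflow size_t. */
size_t b64_encoded_size(size_t len)
{
    size_t groups = len / 3 + (len % 3 != 0);
    if (groups > (SIZE_MAX - 1) / 4)
        return 0;
    return groups * 4 + 1;   /* the "+ 1" is the byte the issue is about */
}

/* Returns 0 on success, -1 if dst cannot hold the result (assumed convention). */
int b64_encode(const char *src, size_t len, char *dst, size_t dst_size)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    const unsigned char *in = (const unsigned char *)src;
    size_t need = b64_encoded_size(len);
    size_t i = 0, o = 0;

    /* Check once, up front: every write below then stays inside dst_size. */
    if (dst == NULL || (src == NULL && len != 0) || need == 0 || dst_size < need)
        return -1;

    for (; i + 3 <= len; i += 3) {   /* full 3-byte groups -> 4 characters */
        uint32_t v = (uint32_t)in[i] << 16 | (uint32_t)in[i + 1] << 8 | in[i + 2];
        dst[o++] = tbl[v >> 18];
        dst[o++] = tbl[(v >> 12) & 63];
        dst[o++] = tbl[(v >> 6) & 63];
        dst[o++] = tbl[v & 63];
    }
    if (i < len) {                   /* 1 or 2 trailing bytes, padded with '=' */
        uint32_t v = (uint32_t)in[i] << 16;
        if (i + 1 < len)
            v |= (uint32_t)in[i + 1] << 8;
        dst[o++] = tbl[v >> 18];
        dst[o++] = tbl[(v >> 12) & 63];
        dst[o++] = (i + 1 < len) ? tbl[(v >> 6) & 63] : '=';
        dst[o++] = '=';
    }
    dst[o] = '\0';                   /* o == need - 1 here */
    return 0;
}
```

A buffer that is exactly one byte short is rejected before anything is written, which is the case the `realloc(size)` / `enc[size++]` pattern gets wrong.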
tim-napoli commented
NVM, the problem is only present in the sources I pulled using clib?