blob: 2457806454ecd8b5e45e8a14d4babc315398801e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
Description: fix two-byte out-of-bounds stack write
BASE64_ENCODE_LENGTH() calculates the encoded size without padding
Author: Timo Weingärtner <timo@tiwe.de>
Origin: upstream, https://git.tiwe.de/ssh-agent-filter.git/commit/?id=87f2de93a6522bbcf17d1960e78641df8ecd85d3
Bug-Debian: https://bugs.debian.org/914501
Forwarded: not-needed
Last-Update: 2018-11-24
--- ssh-agent-filter-0.4.2.orig/ssh-agent-filter.C
+++ ssh-agent-filter-0.4.2/ssh-agent-filter.C
@@ -116,12 +116,9 @@ string md5_hex (string const & s) {
}
string base64_encode (string const & s) {
- struct base64_encode_ctx ctx;
- base64_encode_init(&ctx);
- uint8_t b64[BASE64_ENCODE_LENGTH(s.size())];
- auto len = base64_encode_update(&ctx, b64, s.size(), reinterpret_cast<uint8_t const *>(s.data()));
- len += base64_encode_final(&ctx, b64 + len);
- return {reinterpret_cast<char const *>(b64), len};
+ uint8_t b64[BASE64_ENCODE_RAW_LENGTH(s.size())];
+ base64_encode_raw(b64, s.size(), reinterpret_cast<uint8_t const *>(s.data()));
+ return {reinterpret_cast<char const *>(b64), sizeof(b64)};
}
void cloexec (int fd) {
|