Fix potential overflow in base64_encode

commit: 0aa45c209a9a2c4409fe4b32a0a3bf50f00dce71 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Wed Sep 30 16:30:28 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Wed Sep 30 16:37:49 2015 +0200
tree: 9c4a6e831bfbdd11ba0f1b070ce8ecf8eb2d3e47
parent: 50a739f8c36efc93d52f162c852a47efc44b3d25 [diff] [blame]
diff --git a/library/base64.c b/library/base64.c
index 16c254d..8c99538 100644
--- a/library/base64.c
+++ b/library/base64.c

@@ -85,15 +85,16 @@
         return( 0 );
     }
 
-    n = ( slen << 3 ) / 6;
+    n = slen / 3 + ( slen % 3 != 0 );
 
-    switch( ( slen << 3 ) - ( n * 6 ) )
+    if( n > ( SIZE_T_MAX - 1 ) / 4 )
     {
-        case  2: n += 3; break;
-        case  4: n += 2; break;
-        default: break;
+        *olen = SIZE_T_MAX;
+        return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
     }
 
+    n *= 4;
+
     if( dlen < n + 1 )
     {
         *olen = n + 1;
commit	0aa45c209a9a2c4409fe4b32a0a3bf50f00dce71	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Wed Sep 30 16:30:28 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Wed Sep 30 16:37:49 2015 +0200
tree	9c4a6e831bfbdd11ba0f1b070ce8ecf8eb2d3e47
parent	50a739f8c36efc93d52f162c852a47efc44b3d25 [diff] [blame]