Summary: | ASTERISK-14266: [patch] BASE64_DECODE() adds garbage end end of decoded string | ||
Reporter: | David Chappell (chappell) | Labels: | |
Date Opened: | 2009-06-04 10:16:24 | Date Closed: | 2009-11-10 16:22:12.000-0600 |
Priority: | Minor | Regression? | No |
Status: | Closed/Complete | Components: | Functions/func_base64 |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ( 0) base64_fix.patch | |
Description: | This problem has two causes: 1) BASE64_DECODE() fails to null terminate its return value. This becomes evident if first a long string is decoded and then a short one. The short one will have have the last part of the long string appended to it. 2) What is more, ast_base64decode() does not recognize the equals signs which pad the end of a string the length of which is not a multiple of three bytes. Rather than stopping, it decodes the padding as data, producing bogus output. ****** ADDITIONAL INFORMATION ****** It appears that the patch in bug 0010979 was intended to fix part one of this problem. However, it performed the null termination in ast_base64decode() rather than in BASE64_DECODE(). As pointed out in bug report 0011018, this resulted in truncation of RSA keys when the buffer provided to ast_base64decode() was of exactly the correct size. So, the change was reverted, which caused the original bug to return. I cannot find any reference to the second part of the problem in the bug tracker. | ||
Comments: | By: Mark Murawski (kobaz) 2009-09-09 15:21:33 In trunk, the base64 decoded string is properly null terminated now, but still doesn't stop after encountering an '=' main/utils.c: Line 270 - while (*src && (cnt < max)) { + while (*src && (*src != '=') && (cnt < max)) { By: Digium Subversion (svnbot) 2009-11-06 10:32:36.000-0600 Repository: asterisk Revision: 228378 U branches/1.4/funcs/func_base64.c U branches/1.4/main/utils.c ------------------------------------------------------------------------ r228378 | mnicholson | 2009-11-06 10:32:35 -0600 (Fri, 06 Nov 2009) | 8 lines Properly handle '=' while decoding base64 messages and null terminate strings returned from BASE64_DECODE. (closes issue ASTERISK-14266) Reported by: chappell Patches: base64_fix.patch uploaded by chappell (license 8) Tested by: kobaz ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=228378 By: Digium Subversion (svnbot) 2009-11-06 13:52:48.000-0600 Repository: asterisk Revision: 228620 _U trunk/ U trunk/funcs/func_base64.c U trunk/main/utils.c ------------------------------------------------------------------------ r228620 | mnicholson | 2009-11-06 13:52:47 -0600 (Fri, 06 Nov 2009) | 15 lines Merged revisions 228378 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r228378 | mnicholson | 2009-11-06 10:26:59 -0600 (Fri, 06 Nov 2009) | 8 lines Properly handle '=' while decoding base64 messages and null terminate strings returned from BASE64_DECODE. (closes issue ASTERISK-14266) Reported by: chappell Patches: base64_fix.patch uploaded by chappell (license 8) Tested by: kobaz ........ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=228620 By: Digium Subversion (svnbot) 2009-11-06 14:31:54.000-0600 Repository: asterisk Revision: 228649 _U branches/1.6.2/ U branches/1.6.2/funcs/func_base64.c U branches/1.6.2/main/utils.c ------------------------------------------------------------------------ r228649 | mnicholson | 2009-11-06 14:31:53 -0600 (Fri, 06 Nov 2009) | 22 lines Merged revisions 228620 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ................ r228620 | mnicholson | 2009-11-06 13:47:11 -0600 (Fri, 06 Nov 2009) | 15 lines Merged revisions 228378 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r228378 | mnicholson | 2009-11-06 10:26:59 -0600 (Fri, 06 Nov 2009) | 8 lines Properly handle '=' while decoding base64 messages and null terminate strings returned from BASE64_DECODE. (closes issue ASTERISK-14266) Reported by: chappell Patches: base64_fix.patch uploaded by chappell (license 8) Tested by: kobaz ........ ................ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=228649 By: Digium Subversion (svnbot) 2009-11-06 14:42:46.000-0600 Repository: asterisk Revision: 228650 _U branches/1.6.1/ U branches/1.6.1/funcs/func_base64.c U branches/1.6.1/main/utils.c ------------------------------------------------------------------------ r228650 | mnicholson | 2009-11-06 14:42:45 -0600 (Fri, 06 Nov 2009) | 22 lines Merged revisions 228620 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ................ r228620 | mnicholson | 2009-11-06 13:47:11 -0600 (Fri, 06 Nov 2009) | 15 lines Merged revisions 228378 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r228378 | mnicholson | 2009-11-06 10:26:59 -0600 (Fri, 06 Nov 2009) | 8 lines Properly handle '=' while decoding base64 messages and null terminate strings returned from BASE64_DECODE. (closes issue ASTERISK-14266) Reported by: chappell Patches: base64_fix.patch uploaded by chappell (license 8) Tested by: kobaz ........ ................ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=228650 By: Digium Subversion (svnbot) 2009-11-06 14:47:42.000-0600 Repository: asterisk Revision: 228651 _U branches/1.6.0/ U branches/1.6.0/funcs/func_base64.c U branches/1.6.0/main/utils.c ------------------------------------------------------------------------ r228651 | mnicholson | 2009-11-06 14:47:42 -0600 (Fri, 06 Nov 2009) | 22 lines Merged revisions 228620 via svnmerge from https://origsvn.digium.com/svn/asterisk/trunk ................ r228620 | mnicholson | 2009-11-06 13:47:11 -0600 (Fri, 06 Nov 2009) | 15 lines Merged revisions 228378 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r228378 | mnicholson | 2009-11-06 10:26:59 -0600 (Fri, 06 Nov 2009) | 8 lines Properly handle '=' while decoding base64 messages and null terminate strings returned from BASE64_DECODE. (closes issue ASTERISK-14266) Reported by: chappell Patches: base64_fix.patch uploaded by chappell (license 8) Tested by: kobaz ........ ................ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=228651 |