avoid zero length array in base64_decode

1 files changed, 9 insertions, 3 deletions

diff --git a/libtomcrypt/src/misc/base64/base64_decode.c b/libtomcrypt/src/misc/base64/base64_decode.c
index 4c58c68..c1d3c80 100644
--- a/libtomcrypt/src/misc/base64/base64_decode.c
+++ b/libtomcrypt/src/misc/base64/base64_decode.c
@@ -43,8 +43,8 @@ static const unsigned char map_base64[256] = {
 255, 255, 255, 255 };
 #endif /* LTC_BASE64 */
 
-static const unsigned char map_base64url[] = {
 #if defined(LTC_BASE64_URL)
+static const unsigned char map_base64url[] = {
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
@@ -67,8 +67,8 @@ static const unsigned char map_base64url[] = {
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255
-#endif /* LTC_BASE64_URL */
 };
+#endif /* LTC_BASE64_URL */
 
 enum {
    relaxed = 0,
@@ -117,8 +117,14 @@ static int _base64_decode_internal(const unsigned char *in,  unsigned long inlen
    }
 
    if (y != 0) {
+      int allow_b64url = 0;
+#ifdef LTC_BASE64_URL
+      if (map == map_base64url) {
+        allow_b64url = 1;
+      }
+#endif
       if (y == 1) return CRYPT_INVALID_PACKET;
-      if ((y + g) != 4 && is_strict && map != map_base64url) return CRYPT_INVALID_PACKET;
+      if ((y + g) != 4 && is_strict && !allow_b64url) return CRYPT_INVALID_PACKET;
       t = t << (6 * (4 - y));
       if (z + y - 1 > *outlen) return CRYPT_BUFFER_OVERFLOW;
       if (y >= 2) out[z++] = (unsigned char) ((t >> 16) & 255);