diff options
author | Paul Eggert <eggert@cs.ucla.edu> | 2021-08-29 12:58:49 -0700 |
---|---|---|
committer | Paul Eggert <eggert@cs.ucla.edu> | 2021-08-29 12:59:53 -0700 |
commit | 6aafd2a92b4bb48937f3e767e51a4b7abf2f2217 (patch) | |
tree | be10530c2cc468b82000856f99a3e109835a583d | |
parent | a55152ea2eb061403ab128cd7a63772753e83cd0 (diff) | |
download | gnulib-6aafd2a92b4bb48937f3e767e51a4b7abf2f2217.tar.gz |
base32, base64: treat negative sizes as overflows
* lib/base64.c (base64_encode_alloc):
* lib/base32.c (base32_encode_alloc):
Treat negative sizes as overflows, for better compatibility
with previous API.
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | lib/base32.c | 6 | ||||
-rw-r--r-- | lib/base64.c | 6 |
3 files changed, 16 insertions, 4 deletions
@@ -1,3 +1,11 @@ +2021-08-29 Paul Eggert <eggert@cs.ucla.edu> + + base32, base64: treat negative sizes as overflows + * lib/base64.c (base64_encode_alloc): + * lib/base32.c (base32_encode_alloc): + Treat negative sizes as overflows, for better compatibility + with previous API. + 2021-08-29 Bruno Haible <bruno@clisp.org> explicit_bzero test: Fix test failure due to GCC optimizations. diff --git a/lib/base32.c b/lib/base32.c index e3f2f9b4c1..037747d80d 100644 --- a/lib/base32.c +++ b/lib/base32.c @@ -141,9 +141,11 @@ base32_encode (const char *restrict in, idx_t inlen, idx_t base32_encode_alloc (const char *in, idx_t inlen, char **out) { - /* Check for overflow in outlen computation. */ + /* Check for overflow in outlen computation. + Treat negative INLEN as overflow, for better compatibility with + pre-2021-08-27 API, which used size_t. */ idx_t in_over_5 = inlen / 5 + (inlen % 5 != 0), outlen; - if (! INT_MULTIPLY_OK (in_over_5, 8, &outlen)) + if (! INT_MULTIPLY_OK (in_over_5, 8, &outlen) || inlen < 0) { *out = NULL; return 0; diff --git a/lib/base64.c b/lib/base64.c index 4611fe5485..b204cb7117 100644 --- a/lib/base64.c +++ b/lib/base64.c @@ -146,9 +146,11 @@ base64_encode (const char *restrict in, idx_t inlen, idx_t base64_encode_alloc (const char *in, idx_t inlen, char **out) { - /* Check for overflow in outlen computation. */ + /* Check for overflow in outlen computation. + Treat negative INLEN as overflow, for better compatibility with + pre-2021-08-27 API, which used size_t. */ idx_t in_over_3 = inlen / 3 + (inlen % 3 != 0), outlen; - if (! INT_MULTIPLY_OK (in_over_3, 4, &outlen)) + if (! INT_MULTIPLY_OK (in_over_3, 4, &outlen) || inlen < 0) { *out = NULL; return 0; |