diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-11-28 15:15:05 +0000 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-11-28 15:15:05 +0000 |
| commit | a361e10158078bf886a8dacfe3eb0af10bd74e00 (patch) | |
| tree | 5be5af85156c74922f9896b4abe4c7d87ab3880f | |
| parent | 94a4d8af92d4f4ee9c97d3559bf2d4c452c71269 (diff) | |
| parent | 8183854917d100a9475d854cdb0f7c0a931ccd4d (diff) | |
| download | gnutls-a361e10158078bf886a8dacfe3eb0af10bd74e00.tar.gz | |
Merge branch 'tmp-fix-base64' into 'master'
gnutls_base64_decode2() succeeds decoding the empty string
Closes #834
See merge request gnutls/gnutls!1124
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | lib/x509_b64.c | 7 | ||||
| -rw-r--r-- | tests/base64-raw.c | 12 |
3 files changed, 15 insertions, 8 deletions
@@ -15,6 +15,10 @@ See the end for copying conditions. ** libgnutls: Corrected issue with TLS 1.2 session ticket handling as client during resumption (#841). +** libgnutls: gnutls_base64_decode2() succeeds decoding the empty string to + the empty string. This is a behavioral change of the API but it conforms + to the RFC4648 expectations (#834). + ** certtool: CRL distribution points will be set in CA certificates even when non self-signed (#765). diff --git a/lib/x509_b64.c b/lib/x509_b64.c index 41ee7235fc..edfbe5c198 100644 --- a/lib/x509_b64.c +++ b/lib/x509_b64.c @@ -258,8 +258,11 @@ _gnutls_base64_decode(const uint8_t * data, size_t data_size, gnutls_datum_t pdata; struct base64_decode_ctx ctx; - if (data_size == 0) - return gnutls_assert_val(GNUTLS_E_BASE64_DECODING_ERROR); + if (data_size == 0) { + result->data = (unsigned char*)gnutls_strdup(""); + result->size = 0; + return 0; + } ret = cpydata(data, data_size, &pdata); if (ret < 0) { diff --git a/tests/base64-raw.c b/tests/base64-raw.c index 8eeff237aa..820d8744ed 100644 --- a/tests/base64-raw.c +++ b/tests/base64-raw.c @@ -207,6 +207,12 @@ struct decode_tests_st { struct decode_tests_st decode_tests[] = { { + .name = "empty", + .pem = "", + .raw = {(void*)"", 0}, + .res = 0 + }, + { .name = "dec-rnd1", .pem = "9ppGioRpeiiD2lLNYC85eA==", .raw = {(void*)"\xf6\x9a\x46\x8a\x84\x69\x7a\x28\x83\xda\x52\xcd\x60\x2f\x39\x78", 16}, @@ -231,12 +237,6 @@ struct decode_tests_st decode_tests[] = { .res = GNUTLS_E_BASE64_DECODING_ERROR }, { - .name = "dec-empty", - .pem = "", - .raw = {(void*)"", 1}, - .res = GNUTLS_E_BASE64_DECODING_ERROR - }, - { .name = "dec-invalid-suffix", .pem = "LJ/7hUZ3TtPIz2dlc5+YvELe+Q==XXX", .raw = {(void*)"\x2c\x9f\xfb\x85\x46\x77\x4e\xd3\xc8\xcf\x67\x65\x73\x9f\x98\xbc\x42\xde\xf9", 19}, |