base64.c: Fix off-by-one error and cleanup.

Author: conte91

src/base64.c

@@ -28,13 +28,10 @@
   YWxsIHlvdXIgYmFzZSBhcmUgYmVsb25nIHRvIHVz
 
 */
-#ifndef BASE64_H
-#define BASE64_H
 
 #include "base64.h"
-#include <stdio.h>
-#include <string.h>
 #include <stdlib.h>
+#include <string.h>
 
 static const char *b64 =
     "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" ;
@@ -67,11 +64,8 @@ static const unsigned char unb64[] = {
     0,   0,   0,   0,   0,   0,   0,   0,   0,   0, //240
     0,   0,   0,   0,   0,   0,   0,   0,   0,   0, //250
     0,   0,   0,   0,   0,   0,
-}; // This array has 255 elements
+}; // This array has 256 elements
 
-// Converts binary data of length=len to base64 characters.
-// Length of the resultant string is stored in flen
-// (you must pass pointer flen).
 char *base64( const void *binaryData, int len, int *flen )
 {
     const unsigned char *bin = (const unsigned char *) binaryData ;
@@ -124,8 +118,8 @@ unsigned char *unbase64( const char *ascii, int len, int *flen )
     int charNo;
     int pad = 0 ;
 
-    if ( len < 2 ) { // 2 accesses below would be OOB.
-        // catch empty string, return NULL as result.
+    if ((len <= 0) || (len % 4 != 0)) { // 2 accesses below would be OOB.
+        // catch empty string or incorrect padding size, return NULL as result.
         *flen = 0;
         return 0;
     }
@@ -149,6 +143,14 @@ unsigned char *unbase64( const char *ascii, int len, int *flen )
         }
     }
 
+    /*
+     * Length is guaranteed to be >0 and a multiple of 4 here,
+     * so the integer division will  be exact and positive.
+     * Any '=' in the input padding removes a byte
+     * from the output.
+     *
+     * Note that this guarantees a positive value for flen.
+     */
     *flen = 3 * len / 4 - pad ;
     bin = malloc( *flen ) ;
     if ( !bin ) {
@@ -182,5 +184,3 @@ unsigned char *unbase64( const char *ascii, int len, int *flen )
 
     return bin ;
 }
-
-#endif

src/base64.h

@@ -36,12 +36,28 @@
 #ifndef _BASE64_H_
 #define _BASE64_H_
 
-
-// Converts binary data of length=len to base64 characters.
-// Length of the resultant string is stored in flen
-// (you must pass pointer flen).
-char *base64( const void *binaryData, int len, int *flen );
+/**
+ * Converts binary data of length=len to base64 characters.
+ *
+ * @param[in] binaryData Binary buffer to encode. Must be len bytes long.
+ * @paramm[in] len Length of the binaryData buffer.
+ * @param[out] flen Resulting length of the encoded buffer.
+ * @return Decoded buffer, or NULL if an error occurred. Must be free()'d by the
+ * caller.
+ */
+char *base64(const void *binaryData, int len, int *flen);
+
+/**
+ * Decodes the provided base64 string.
+ *
+ * @param[in] ascii Base64-encoded buffer to decoded. Must contain a
+ * zero-terminated string.
+ * @param[in] len Length of the string to decode (excluding the terminating
+ * character).
+ * @param[out] flen Resulting length of the decoded buffer.
+ * @return Decoded buffer, or NULL if an error occurred. Must be free()'d by the
+ * caller.
+ */
 unsigned char *unbase64( const char *ascii, int len, int *flen );
 
-
 #endif

src/cipher.c

@@ -101,10 +101,14 @@ static uint8_t *cipher_aes_encrypt(const unsigned char *in, int inlen,
     return enc_cat;
 }
 
-// Encrypts a given constant char array of length inlen using the AES algorithm with CBC mode
-// and base64 encodes the result.
-//
-// Must free() returned value (allocated inside base64() function)
+/**
+ * Encrypts a given constant char array of length inlen using the AES algorithm with CBC mode
+ * and base64 encodes the result.
+ *
+ * Must free() returned value (allocated inside base64() function)
+ *
+ * @return Encrypted, base64-encoded buffer, or NULL in case of error.
+ */
 char *cipher_aes_b64_encrypt(const unsigned char *in, int inlen, int *outb64len,
                              const uint8_t *key)
 {
@@ -240,10 +244,16 @@ char *cipher_aes_hmac_decrypt(const uint8_t *in, int inlen,
     return ret;
 }
 
-// Decrypts a given constant char array of length inlen using the AES algorithm with CBC mode
-// and base64 decodes the result.
-//
-// Must free() returned value (allocated inside base64() function)
+/**
+ * Decrypts a given constant char array of length inlen using the AES algorithm with CBC mode
+ * and base64 decodes the result.
+ *
+ * Must free() returned value (allocated inside base64() function)
+ * @param[in] in Pointer to the buffer to decrpyt. Must contain a
+ *               NULL-terminated string.
+ * @param[in] inlen Length of the buffer to decrypt, excluding the
+ *                  terminating NULL character.
+ */
 char *cipher_aes_b64_hmac_decrypt(const unsigned char *in, int inlen, int *out_msg_len,
                                   const uint8_t *secret)
 {
@@ -273,7 +283,13 @@ char *cipher_aes_b64_hmac_decrypt(const unsigned char *in, int inlen, int *out_m
     return decrypted;
 }
 
-// Must free() returned value
+/**
+ * Must free() returned value.
+ * @param[in] in Pointer to the buffer to decrpyt. Must contain a
+ *               NULL-terminated string.
+ * @param[in] inlen Length of the buffer to decrypt, excluding the
+ *                  terminating NULL character.
+ */
 char *cipher_aes_b64_decrypt(const unsigned char *in, int inlen, int *outlen,
                              const uint8_t *key)
 {

tests/api.h

@@ -478,6 +478,9 @@ static void api_reset_device(void)
 }
 
 
+/**
+ * @return Buffer containing the read value. Guaranteed to be nonnull.
+ */
 static const char *api_read_value(int cmd)
 {
     static char value[HID_REPORT_SIZE];

tests/tests_unit.c

@@ -40,7 +40,6 @@
 #include "random.h"
 #include "base64.h"
 #include "base58.h"
-#include "base64.h"
 #include "pbkdf2.h"
 #include "flags.h"
 #include "flash.h"