You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
base64Encode expects an output buffer whose size is ((4 * (inLen + 1)) / 3) bytes, as per comment. But for the input buffer of size 16, it overruns it. For the input buffer of size 16, the output buffer should be: ((4 * (16 + 1)) / 3) = 22 bytes. But in this case, base64Encode returns output length of 24 bytes, overrunning the input buffer. The following C code demonstrates it:
b64len = 22
Before encoding b64[22]=0x0
After encoding outLen=24, b64[22]=0x3D
base64Encode should only touch bytes from b64[0] to b64[21] (because the required length is supposed to be 22). But it clearly touches b64[22] as well, thus overrunning the output buffer (should its length was as per the comment).
Note that for larger input sizes (like 20), this problem does not happen:
b64len = 28
Before encoding b64[28]=0x0
After encoding outLen=24, b64[28]=0x0
Here base64Encode uses only 24 bytes out of 28 bytes.
The text was updated successfully, but these errors were encountered:
base64Encode expects an output buffer whose size is ((4 * (inLen + 1)) / 3) bytes, as per comment. But for the input buffer of size 16, it overruns it. For the input buffer of size 16, the output buffer should be: ((4 * (16 + 1)) / 3) = 22 bytes. But in this case, base64Encode returns output length of 24 bytes, overrunning the input buffer. The following C code demonstrates it:
The output is:
base64Encode should only touch bytes from b64[0] to b64[21] (because the required length is supposed to be 22). But it clearly touches b64[22] as well, thus overrunning the output buffer (should its length was as per the comment).
Note that for larger input sizes (like 20), this problem does not happen:
Here base64Encode uses only 24 bytes out of 28 bytes.
The text was updated successfully, but these errors were encountered: