[Bug 224141] possible Off-by-one bug in the Base64 decoding in the wpa supplicant
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Dec 7 18:15:17 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224141
Timothy Brown <tbrown at freeshell.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |tbrown at freeshell.org
--- Comment #1 from Timothy Brown <tbrown at freeshell.org> ---
Hi Ivan,
I was wondering if you've got a test case that shows this "off-by-one"?
As when I read the code, I do not believe there is an "off-by-one" error.
The base64_table:
static const unsigned char base64_table[65] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
Is defined as size 65, yet contains 64 elements and the last trailing NULL.
So sizeof(base64_table) will return 65, yet the for loop is creating the
reverse base64 lookup in dtable, so we only want to do this for elements
in base64_table. Which is sizeof(base64_table) -1, or strlen(base64_table).
This is my understanding of the code and I am unable to encode/decode an error.
I would be interested to hear your thoughts.
Regards
Tim
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-wireless
mailing list