Off-by-one in decode
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
libb64 (Debian) | Fix Released | Unknown | |
libb64 (Ubuntu) | Fix Released | Undecided | Unassigned |

Bug Description
libb64 has already patched this issue. It was fun chasing it down again.
From commit ID 430cbdc8c8d5cf7
--- a/src/cdecode.c
+++ b/src/cdecode.c
@@ -12,7 +12,7 @@
static const char decoding[] = {62,-1,
static const char decoding_size = sizeof(decoding);
value_in -= 43;
- if (value_in < 0 || value_in > decoding_size) return -1;
+ if (value_in < 0 || value_in >= decoding_size) return -1;
return decoding[
}
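Review bot: `decoding_size` in the context line `static const char decoding_size = sizeof(decoding);` is declared as `char`, so the bound used by the corrected check `value_in >= decoding_size` would be truncated if the table ever outgrows what a `char` can hold; a wider type such as `int` would keep the comparison sound. The `>=` itself is the right bound: `decoding[]` is a `char` array, so `sizeof(decoding)` is its element count, and after `value_in -= 43` an index equal to that count is one element past the end. The type of `value_in` is not visible in this hunk; if it is a plain `char`, the `value_in < 0` half of the check depends on the platform's `char` signedness and is worth confirming. A regression test that feeds the input byte mapping to index `decoding_size` and expects -1 would pin the fix.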
This is applicable to the latest and greatest packages from what I see in the repos on launchpad.
Changed in libb64 (Debian):
status: Unknown → New
Changed in libb64 (Debian):
status: New → Fix Released
This bug was fixed in the package libb64 - 1.2-4
---------------
libb64 (1.2-4) unstable; urgency=medium
* new maintainer (Closes: #706894)
* debian/control: bump standard to 4.1.0 (no changes)
* debian/control: use dh10
* debian/rules: add bindnow linker flag
* add off-by-one.diff (Closes: #801584) (LP: #1501176)
-- Thorsten Alteholz <email address hidden> Thu, 07 Sep 2017 18:16:02 +0200