2006-03-24 Ralf Wildenhues <Ralf.Wildenhues@gmx.de>

author Simon Josefsson <simon@josefsson.org>

Fri, 24 Mar 2006 12:36:06 +0000 (12:36 +0000)

committer Simon Josefsson <simon@josefsson.org>

Fri, 24 Mar 2006 12:36:06 +0000 (12:36 +0000)
author Simon Josefsson <simon@josefsson.org>
Fri, 24 Mar 2006 12:36:06 +0000 (12:36 +0000)
committer Simon Josefsson <simon@josefsson.org>
Fri, 24 Mar 2006 12:36:06 +0000 (12:36 +0000)
diff --git a/lib/ChangeLog b/lib/ChangeLog

index fed0610a72a9b6909c639241a82dcdf4d4624f4b..75a0866a078a4ea3e583afcd7180730519969078 100644 (file)
--- a/lib/ChangeLog
+++ b/lib/ChangeLog
@@ -1,3 +1,8 @@
+2006-03-24  Ralf Wildenhues <Ralf.Wildenhues@gmx.de>
+
+       * base64.c (base64_encode): Do not read past end of array with
+       unsanitized input on systems with CHAR_BIT > 8.
+
  2006-03-16  Paul Eggert  <eggert@cs.ucla.edu>
  
         * regex.h (regoff_t) [defined _REGEX_LARGE_OFFSETS]:
diff --git a/lib/base64.c b/lib/base64.c

index 7682f859d3a5875a062bc91c12e55025be6b1218..1fe719c95c010d286b8318f9628ccb2e34bd0611 100644 (file)
--- a/lib/base64.c
+++ b/lib/base64.c
@@ -74,7 +74,7 @@ base64_encode (const char *restrict in, size_t inlen,
  
    while (inlen && outlen)
      {
-      *out++ = b64str[to_uchar (in[0]) >> 2];
+      *out++ = b64str[(to_uchar (in[0]) >> 2) & 0x3f];
        if (!--outlen)
         break;
        *out++ = b64str[((to_uchar (in[0]) << 4)
author	Simon Josefsson <simon@josefsson.org>
	Fri, 24 Mar 2006 12:36:06 +0000 (12:36 +0000)
committer	Simon Josefsson <simon@josefsson.org>
	Fri, 24 Mar 2006 12:36:06 +0000 (12:36 +0000)
lib/ChangeLog		patch \| blob \| history
lib/base64.c		patch \| blob \| history