head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.4 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.2 pkgsrc-2012Q4-base:1.2; locks; strict; comment @# @; 1.2 date 2012.08.14.22.08.09; author gdt; state dead; branches; next 1.1; 1.1 date 2012.08.09.10.06.47; author drochner; state Exp; branches; next ; desc @@ 1.2 log @Update to 3.2.1. (This is a security release, but pkgsrc already had patches from upstream.) This version corrects two heap overflows reported by our users: - A small write overflow, reported by Justin Ferguson - A large read overflow, reported by Ben Hawkes @ text @$NetBSD: patch-CVE-2012-3461-ab,v 1.1 2012/08/09 10:06:47 drochner Exp $ --- src/b64.h.orig 2008-05-27 12:35:28.000000000 +0000 +++ src/b64.h @@@@ -20,6 +20,19 @@@@ #ifndef __B64_H__ #define __B64_H__ +#include + +/* Base64 encodes blocks of this many bytes: */ +#define OTRL_B64_DECODED_LEN 3 +/* into blocks of this many bytes: */ +#define OTRL_B64_ENCODED_LEN 4 + +/* An encoded block of length encoded_len can turn into a maximum of + * this many decoded bytes: */ +#define OTRL_B64_MAX_DECODED_SIZE(encoded_len) \ + (((encoded_len + OTRL_B64_ENCODED_LEN - 1) / OTRL_B64_ENCODED_LEN) \ + * OTRL_B64_DECODED_LEN) + /* * base64 encode data. Insert no linebreaks or whitespace. * @@@@ -33,8 +46,9 @@@@ size_t otrl_base64_encode(char *base64da * base64 decode data. Skip non-base64 chars, and terminate at the * first '=', or the end of the buffer. * - * The buffer data must contain at least (base64len / 4) * 3 bytes of - * space. This function will return the number of bytes actually used. + * The buffer data must contain at least ((base64len+3) / 4) * 3 bytes + * of space. This function will return the number of bytes actually + * used. */ size_t otrl_base64_decode(unsigned char *data, const char *base64data, size_t base64len); @ 1.1 log @att patches from upstream to fix buffer overflow in the base64 decoder which can lead to crashes or potentially code injection (CVE-2012-3461) bump PKGREV @ text @d1 1 a1 1 $NetBSD$ @