Bug in Base64 BIO decode (bio_b64.c)

Wed, 03 Dec 2003 16:58:41 -0800 

Hi,

I just recently moved from 0.9.7 to 0.9.7c and discovered what I think
is a bug in the base64 BIO decoding code.

When the source bio is a read-write memory bio, and has more than 1024
bytes of data to decode (in my test case it was less than 2048, but I
suspect more would fail as well), the BIO only writes out 720 bytes of
decoded data and then fails.  The cause seems to be in these new lines
(290-294) of bio_b64.c:

                /* If buffer isn't full and we can retry then
                 * restart to read in more data.
                 */
                else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0))
                        continue;

What's happening is that on the second pass through the while loop (the
first pass reads 1024 (B64_BLOCK_SIZE) bytes and writes out 720),
BIO_read is reading < 1024 bytes (as that's all that's left in the
memory BIO).  Then, when it hits this else, it goes back to the
beginning and calls BIO_read again.  But BIO_read returns -1 (no more
data), and the function returns failure, with only the 720 bytes written
out.

Here is some code that will reproduce the bug:

#include <openssl/evp.h>

void main(void)
{
        BIO *inb, *dec;
        char in[2048];
        char out[2048];
        int len;
        FILE *fp;

        fp = fopen("in", "r");
        len = fread(in, 1, 2048, fp);
        fclose(fp);

        inb = BIO_new(BIO_s_mem());
        BIO_write(inb, in, len);

        dec = BIO_new(BIO_f_base64());
        dec = BIO_push(dec, inb);

        len = BIO_read(dec, out, 2048);

        BIO_free_all(dec);


        fp = fopen("out", "w");
        fwrite(out, len, 1, fp);
        fclose(fp);
}

The file "in" should be populated with base64 encoded data (I just used
the openssl command line tool) of size > 1024 and < 2048.  After you run
this, the file "out" will have size 720.

The easy fix would probably be just to get rid of that else if
statement, but I suspect there was a reason for putting it in, so I'm
hesitant to just pull it out.  (I may just go back to the 0.9.7 version
of bio_b64.c for the time being.)

Is this already a known issue?

Thanks,
Matt
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to