standard base64.c

Moriyoshi Koizumi Sat, 30 Nov 2002 18:45:46 -0800

moriyoshi               Sat Nov 30 21:44:50 2002 EDT

  Modified files:              
    /php4/ext/standard  base64.c 
  Log:
  Fixed possible buffer overflow in php_base64_decode();
  # This bug doesn't appear to be harmful for now,
  # so I won't merge it into branches...
  
  
Index: php4/ext/standard/base64.c
diff -u php4/ext/standard/base64.c:1.33 php4/ext/standard/base64.c:1.34
--- php4/ext/standard/base64.c:1.33     Wed Aug 21 21:20:50 2002
+++ php4/ext/standard/base64.c  Sat Nov 30 21:44:50 2002
@@ -15,7 +15,7 @@
    | Author: Jim Winstead <[EMAIL PROTECTED]>                                  |
    +----------------------------------------------------------------------+
  */
-/* $Id: base64.c,v 1.33 2002/08/22 01:20:50 sniper Exp $ */
+/* $Id: base64.c,v 1.34 2002/12/01 02:44:50 moriyoshi Exp $ */
 
 #include <string.h>
 
@@ -140,7 +140,7 @@
        }
 
        /* run through the whole string, converting as we go */
-       while ((ch = *current++) != '\0') {
+       while ((ch = *current++) != '\0' && length-- > 0) {
                if (ch == base64_pad) break;
 
            /* When Base64 gets POSTed, all pluses are interpreted as spaces.




-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[PHP-CVS] cvs: php4 /ext/standard base64.c

Reply via email to