From owner-freebsd-hackers@FreeBSD.ORG  Mon Nov 24 16:50:35 2014
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 94236BF0
 for <freebsd-hackers@freebsd.org>; Mon, 24 Nov 2014 16:50:35 +0000 (UTC)
Received: from mail-ie0-x236.google.com (mail-ie0-x236.google.com
 [IPv6:2607:f8b0:4001:c03::236])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 5C926DD2
 for <freebsd-hackers@freebsd.org>; Mon, 24 Nov 2014 16:50:35 +0000 (UTC)
Received: by mail-ie0-f182.google.com with SMTP id x19so9326231ier.13
 for <freebsd-hackers@freebsd.org>; Mon, 24 Nov 2014 08:50:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:in-reply-to:references:from:date:message-id
 :subject:to:cc:content-type;
 bh=1oo6Rq98AM3joUCiS785GMj6z3eK0X19W4LKTZmVK2g=;
 b=0Zbu9ZMnxNML+ieS4QETAPBEX5MKwiagJHOOmlkc9HAnvh2ZWgHHiiGfWDZVdWdSJw
 T2Qglxy2bgJH1IRZap1v+x/bPTd21Hg06H+vaB/SIdurOPeLujfOAhfQkeuTJaod+hUe
 l1OOR+oCgDLeFTiAiN5IAMTVSHTQQckRXpiPtZgFaMAU5P1QzOD2TOEabqAB+huV+gC7
 /zlS5nB0Q/iExPGW5pNSU17kWg+qdEfkTZLtULwa1DkXirc94fs2g7fi02yN9It7d7IY
 UEH2ZI10IKDUi0fnbqRozGlX+GwBnOQZMzbAqeDYKpT+O50uzQBO/KhgsEr1INr8jxnk
 aZ8g==
X-Received: by 10.107.40.205 with SMTP id o196mr19052510ioo.26.1416847834686; 
 Mon, 24 Nov 2014 08:50:34 -0800 (PST)
MIME-Version: 1.0
Sender: carpeddiem@gmail.com
Received: by 10.107.29.141 with HTTP; Mon, 24 Nov 2014 08:50:14 -0800 (PST)
In-Reply-To: <6a4308e3ce1d4835be5caef3f96b0c50@tedunangst.com>
References: <6a4308e3ce1d4835be5caef3f96b0c50@tedunangst.com>
From: Ed Maste <emaste@freebsd.org>
Date: Mon, 24 Nov 2014 11:50:14 -0500
X-Google-Sender-Auth: PhWflPlOYwMPObckMrIbGlD1haM
Message-ID: <CAPyFy2AN_qvt7o+wgYb9Tfo0ctG3vCKq5Z7QOFMGOfgMU-9HGg@mail.gmail.com>
Subject: Re: fix base64.c "overrun"
To: Ted Unangst <tedu@tedunangst.com>
Content-Type: text/plain; charset=UTF-8
Cc: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Nov 2014 16:50:35 -0000

On 22 November 2014 at 17:09, Ted Unangst <tedu@tedunangst.com> wrote:
> From inspection, it appears FreeBSD's libc base64.c will sometimes
> erroneously fail to decode a base64 string into a precisely sized
> buffer. The overflow check is a little too greedy. The same bug was
> fixed in OpenBSD; it would be helpful if FreeBSD adopted the fix as
> well. :)
>
> http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/net/base64.c.diff?r1=1.6&r2=1.7

Thanks for the heads-up Ted, I'll take care of getting the fix in.