Date: Mon, 24 Nov 2014 11:50:14 -0500 From: Ed Maste <emaste@freebsd.org> To: Ted Unangst <tedu@tedunangst.com> Cc: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org> Subject: Re: fix base64.c "overrun" Message-ID: <CAPyFy2AN_qvt7o%2BwgYb9Tfo0ctG3vCKq5Z7QOFMGOfgMU-9HGg@mail.gmail.com> In-Reply-To: <6a4308e3ce1d4835be5caef3f96b0c50@tedunangst.com> References: <6a4308e3ce1d4835be5caef3f96b0c50@tedunangst.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 22 November 2014 at 17:09, Ted Unangst <tedu@tedunangst.com> wrote: > From inspection, it appears FreeBSD's libc base64.c will sometimes > erroneously fail to decode a base64 string into a precisely sized > buffer. The overflow check is a little too greedy. The same bug was > fixed in OpenBSD; it would be helpful if FreeBSD adopted the fix as > well. :) > > http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/net/base64.c.diff?r1=1.6&r2=1.7 Thanks for the heads-up Ted, I'll take care of getting the fix in.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyFy2AN_qvt7o%2BwgYb9Tfo0ctG3vCKq5Z7QOFMGOfgMU-9HGg>