mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-10 05:03:02 +03:00

Fix mbedtls_base64_decode() accepting invalid inputs with 4n+1 digits

The last digit was ignored.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Gilles Peskine
2025-06-04 10:33:31 +02:00
parent 683a46e6c1
commit 84999d1a7b
3 changed files with 21 additions and 12 deletions


@@ -0,0 +1,3 @@
Bugfix
* Fix mbedtls_base64_decode() accepting invalid inputs with 4n+1 digits
(the last digit was ignored).


@@ -183,6 +183,12 @@ int mbedtls_base64_decode(unsigned char *dst, size_t dlen, size_t *olen,
n++; n++;
} }
/* In valid base64, the number of digits is always of the form
* 4n, 4n+2 or 4n+3. */
if ((n - equals) % 4 == 1) {
return MBEDTLS_ERR_BASE64_INVALID_CHARACTER;
}
if (n == 0) { if (n == 0) {
*olen = 0; *olen = 0;
return 0; return 0;
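Review bot: The comment above the new check writes the valid digit counts as `4n, 4n+2 or 4n+3` while `n` is also the local variable tested on the next line, where it appears to count digits plus `=` padding. A different placeholder avoids the clash, e.g. `/* n counts digits and '=' padding, so n - equals is the number of digits. Valid base64 has 4k, 4k+2 or 4k+3 digits. */`. The check rejects only a digit count of 4k+1; whether the number of `=` matches the digit count is not examined here, and the test data in this commit still lists `"Y29t=="` as decoding successfully. Callers that compare, sign or key on the encoded text rather than the decoded bytes should therefore not assume one canonical encoding per value. The function body starts and ends outside this hunk.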


@@ -84,14 +84,14 @@ mbedtls_base64_decode:"zm masd":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
# output when dlen < 3, but actually outputs 2 bytes if given a # output when dlen < 3, but actually outputs 2 bytes if given a
# buffer of 3 bytes or more. # buffer of 3 bytes or more.
Base64 decode: 1 digit, 0 equals (sloppily accepted) Base64 decode: 1 digit, 0 equals (bad)
mbedtls_base64_decode:"Y":"!":0 mbedtls_base64_decode:"Y":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
Base64 decode: 1 digit, 1 equals (sloppily accepted) Base64 decode: 1 digit, 1 equals (bad)
mbedtls_base64_decode:"Y":"!":0 mbedtls_base64_decode:"Y":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
Base64 decode: 1 digit, 2 equals (sloppily accepted) Base64 decode: 1 digit, 2 equals (bad)
mbedtls_base64_decode:"Y==":"!":0 mbedtls_base64_decode:"Y==":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
Base64 decode: 1 digit, 3 equals (bad) Base64 decode: 1 digit, 3 equals (bad)
mbedtls_base64_decode:"Y===":"!":MBEDTLS_ERR_BASE64_INVALID_CHARACTER mbedtls_base64_decode:"Y===":"!":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
@@ -132,14 +132,14 @@ mbedtls_base64_decode:"Y29t==":"com":0
Base64 decode: 4 digits, 3 equals (bad) Base64 decode: 4 digits, 3 equals (bad)
mbedtls_base64_decode:"Y29t===":"com":MBEDTLS_ERR_BASE64_INVALID_CHARACTER mbedtls_base64_decode:"Y29t===":"com":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
Base64 decode: 5 digits, 0 equals (sloppily accepted) Base64 decode: 5 digits, 0 equals (bad)
mbedtls_base64_decode:"Y29tc":"com!":0 mbedtls_base64_decode:"Y29tc":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
Base64 decode: 5 digits, 1 equals (sloppily accepted) Base64 decode: 5 digits, 1 equals (bad)
mbedtls_base64_decode:"Y29tc=":"com!":0 mbedtls_base64_decode:"Y29tc=":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
Base64 decode: 5 digits, 2 equals (sloppily accepted) Base64 decode: 5 digits, 2 equals (bad)
mbedtls_base64_decode:"Y29tc==":"com!":0 mbedtls_base64_decode:"Y29tc==":"":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
Base64 decode: 5 digits, 3 equals (bad) Base64 decode: 5 digits, 3 equals (bad)
mbedtls_base64_decode:"Y29tc===":"com!":MBEDTLS_ERR_BASE64_INVALID_CHARACTER mbedtls_base64_decode:"Y29tc===":"com!":MBEDTLS_ERR_BASE64_INVALID_CHARACTER
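Review bot: The newly rejected cases set the expected output to `""`, but the unchanged neighbouring error cases keep a non-empty one (`"Y===":"!"` and `"Y29tc===":"com!"`), so the file now expresses "decode fails" in two ways. If the test function ignores the expected output when an error is returned (not visible here), changing those two cases to `""` as well would make it clear that no output is expected from any rejected input. If it does compare the output on error, the difference deserves a `#` comment in the data file explaining why the 3-equals cases still produce bytes.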