
Jason011125/apr

forked from src-openEuler/apr 
backport-apr_decode_base-64-32-16-stop-reading-before-not-inc.patch 7.02 KB
fly_fzc 提交于 2023-02-13 11:33 +08:00 . Fix CVE-2022-24963
From e70d77ecc4aa9e0dccac6e7e5ba74639f71f50cf Mon Sep 17 00:00:00 2001
From: Yann Ylavic <ylavic@apache.org>
Date: Fri, 27 Nov 2020 17:04:06 +0000
Subject: [PATCH] apr_decode_base{64,32,16}: stop reading before (not
including) NUL byte.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1883870 13f79535-47bb-0310-9956-ffa450edef68
---
encoding/apr_encode.c | 60 ++++++++++++++++++++++++++++++-------------
test/testencode.c | 24 ++++++++++++-----
2 files changed, 59 insertions(+), 25 deletions(-)
diff --git a/encoding/apr_encode.c b/encoding/apr_encode.c
index b3278c7fd..bc2dc5437 100644
--- a/encoding/apr_encode.c
+++ b/encoding/apr_encode.c
@@ -394,11 +394,15 @@ APR_DECLARE(apr_status_t) apr_decode_base64(char *dest, const char *src,
apr_status_t status;
bufin = (const unsigned char *)src;
- while (pr2six[*(bufin++)] < 64 && count)
+ while (count && pr2six[*bufin] < 64) {
count--;
- nprbytes = (bufin - (const unsigned char *)src) - 1;
- while (pr2six[*(bufin++)] > 64 && count)
+ bufin++;
+ }
+ nprbytes = bufin - (const unsigned char *)src;
+ while (count && pr2six[*bufin] > 64) {
count--;
+ bufin++;
+ }
status = flags & APR_ENCODE_RELAXED ? APR_SUCCESS :
count ? APR_BADCH : APR_SUCCESS;
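Review bot: The read bound in both new loops depends entirely on `count` being evaluated before `pr2six[*bufin]`, and nothing in the code records that the operand order is load-bearing. A later tidy-up that swaps the operands would restore the read at `src[slen]` that this patch removes. I would add a comment above the first loop, for example `/* test count before dereferencing: src[slen] must never be read */`. The same pair of loops is repeated in the hunks for apr_decode_base64_binary, apr_decode_base32, apr_decode_base32_binary, apr_decode_base16 and apr_decode_base16_binary, so the comment belongs on each copy, or the scan could move into one static helper if the differing comparisons allow it. The function body starts and ends outside this hunk, so how `count` is initialised here is not visible.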
@@ -469,11 +473,15 @@ APR_DECLARE(apr_status_t) apr_decode_base64_binary(unsigned char *dest,
apr_status_t status;
bufin = (const unsigned char *)src;
- while (pr2six[*(bufin++)] < 64 && count)
+ while (count && pr2six[*bufin] < 64) {
count--;
- nprbytes = (bufin - (const unsigned char *)src) - 1;
- while (pr2six[*(bufin++)] > 64 && count)
+ bufin++;
+ }
+ nprbytes = bufin - (const unsigned char *)src;
+ while (count && pr2six[*bufin] > 64) {
count--;
+ bufin++;
+ }
status = flags & APR_ENCODE_RELAXED ? APR_SUCCESS :
count ? APR_BADCH : APR_SUCCESS;
@@ -842,11 +850,15 @@ APR_DECLARE(apr_status_t) apr_decode_base32(char *dest, const char *src,
}
bufin = (const unsigned char *)src;
- while (pr2[*(bufin++)] < 32 && count)
+ while (count && pr2[*bufin] < 32) {
count--;
- nprbytes = (bufin - (const unsigned char *)src) - 1;
- while (pr2[*(bufin++)] > 32 && count)
+ bufin++;
+ }
+ nprbytes = bufin - (const unsigned char *)src;
+ while (count && pr2[*bufin] > 32) {
count--;
+ bufin++;
+ }
status = flags & APR_ENCODE_RELAXED ? APR_SUCCESS :
count ? APR_BADCH : APR_SUCCESS;
@@ -945,11 +957,15 @@ APR_DECLARE(apr_status_t) apr_decode_base32_binary(unsigned char *dest,
}
bufin = (const unsigned char *)src;
- while (pr2[*(bufin++)] < 32 && count)
+ while (count && pr2[*bufin] < 32) {
count--;
- nprbytes = (bufin - (const unsigned char *)src) - 1;
- while (pr2[*(bufin++)] > 32 && count)
+ bufin++;
+ }
+ nprbytes = bufin - (const unsigned char *)src;
+ while (count && pr2[*bufin] > 32) {
count--;
+ bufin++;
+ }
status = flags & APR_ENCODE_RELAXED ? APR_SUCCESS :
count ? APR_BADCH : APR_SUCCESS;
@@ -1220,11 +1236,15 @@ APR_DECLARE(apr_status_t) apr_decode_base16(char *dest,
count = slen;
bufin = (const unsigned char *)src;
- while (pr2two[*(bufin++)] != 16 && count)
+ while (count && pr2two[*bufin] != 16) {
count--;
- nprbytes = (bufin - (const unsigned char *)src) - 1;
- while (pr2two[*(bufin++)] > 16 && count)
+ bufin++;
+ }
+ nprbytes = bufin - (const unsigned char *)src;
+ while (count && pr2two[*bufin] > 16) {
count--;
+ bufin++;
+ }
status = flags & APR_ENCODE_RELAXED ? APR_SUCCESS :
count ? APR_BADCH : APR_SUCCESS;
@@ -1310,11 +1330,15 @@ APR_DECLARE(apr_status_t) apr_decode_base16_binary(unsigned char *dest,
count = slen;
bufin = (const unsigned char *)src;
- while (pr2two[*(bufin++)] != 16 && count)
+ while (count && pr2two[*bufin] != 16) {
count--;
- nprbytes = (bufin - (const unsigned char *)src) - 1;
- while (pr2two[*(bufin++)] > 16 && count)
+ bufin++;
+ }
+ nprbytes = bufin - (const unsigned char *)src;
+ while (count && pr2two[*bufin] > 16) {
count--;
+ bufin++;
+ }
status = flags & APR_ENCODE_RELAXED ? APR_SUCCESS :
count ? APR_BADCH : APR_SUCCESS;
diff --git a/test/testencode.c b/test/testencode.c
index 3680fa380..ba23aaf28 100644
--- a/test/testencode.c
+++ b/test/testencode.c
@@ -134,37 +134,42 @@ static void test_decode_base64(abts_case * tc, void *data)
src = "";
target = "";
dest = apr_pdecode_base64(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
- ABTS_STR_EQUAL(tc, dest, target);
+ ABTS_STR_EQUAL(tc, target, dest);
src = "Zg==";
target = "f";
dest = apr_pdecode_base64(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
- ABTS_STR_EQUAL(tc, dest, target);
+ ABTS_STR_EQUAL(tc, target, dest);
+
+ src = "Zg=";
+ target = "f";
+ dest = apr_pdecode_base64(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
+ ABTS_STR_EQUAL(tc, target, dest);
src = "Zg";
target = "f";
dest = apr_pdecode_base64(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
- ABTS_STR_EQUAL(tc, dest, target);
+ ABTS_STR_EQUAL(tc, target, dest);
src = "Zm8=";
target = "fo";
dest = apr_pdecode_base64(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
- ABTS_STR_EQUAL(tc, dest, target);
+ ABTS_STR_EQUAL(tc, target, dest);
src = "Zm8";
target = "fo";
dest = apr_pdecode_base64(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
- ABTS_STR_EQUAL(tc, dest, target);
+ ABTS_STR_EQUAL(tc, target, dest);
src = "Zm9v";
target = "foo";
dest = apr_pdecode_base64(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
- ABTS_STR_EQUAL(tc, dest, target);
+ ABTS_STR_EQUAL(tc, target, dest);
src = "Zm9v";
target = "foo";
dest = apr_pdecode_base64(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
- ABTS_STR_EQUAL(tc, dest, target);
+ ABTS_STR_EQUAL(tc, target, dest);
apr_pool_destroy(pool);
}
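Review bot: Every case in this hunk, including the added `"Zg="` one, passes APR_ENCODE_STRING with a NUL-terminated literal, so the boundary the fix is about (an explicit `slen` that ends before the end of the buffer) is never exercised. A constructed case such as `dest = apr_pdecode_base64(pool, "Zm9vYg", 4, APR_ENCODE_NONE, &len);` with `target = "foo"` would pin that decoding stops at `slen`. The over-read itself is presumably only observable when the suite runs under a memory checker against an exactly sized heap buffer. The same gap applies to the test_decode_base64_binary hunk that follows, and the patch changes the base32 and base16 decoders without adding any test for them. test_decode_base64 begins outside this hunk.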
@@ -191,6 +196,11 @@ static void test_decode_base64_binary(abts_case * tc, void *data)
ABTS_ASSERT(tc, "apr_pdecode_base64_binary target!=dest", memcmp(ufoobar, udest, 1) == 0);
ABTS_INT_EQUAL(tc, len, 1);
+ src = "Zg=";
+ udest = apr_pdecode_base64_binary(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
+ ABTS_ASSERT(tc, "apr_pdecode_base64_binary target!=dest", memcmp(ufoobar, udest, 1) == 0);
+ ABTS_INT_EQUAL(tc, len, 1);
+
src = "Zg";
udest = apr_pdecode_base64_binary(pool, src, APR_ENCODE_STRING, APR_ENCODE_NONE, &len);
ABTS_ASSERT(tc, "apr_pdecode_base64_binary target!=dest", memcmp(ufoobar, udest, 1) == 0);
--
2.27.0