Fixed CERT VU#238019 (make sure sasl_encode64() always NUL terminates output or returns SASL_BUFOVER)

ksmurchison · ksmurchison · commit 05cc04e3f4d0 · 2009-04-27T13:26:27.000Z
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,7 @@
+2009-04-27  Ken Murchison <murch@andrew.cmu.edu>
+	* lib/saslutil.c: Fixed CERT VU#238019 (make sure sasl_encode64()
+	  always NUL terminates output or returns SASL_BUFOVER).
+
 2009-04-11  Alexey Melnikov <alexey.melnikov@isode.com>
 	* plugins/sql.c: Fixed SQLite lookup function.
 	  Also fixed SASL PLAIN authenticaion when used with
diff --git a/lib/saslutil.c b/lib/saslutil.c
@@ -1,7 +1,7 @@
 /* saslutil.c
  * Rob Siemborski
  * Tim Martin
- * $Id: saslutil.c,v 1.48 2009/04/17 06:04:50 mel Exp $
+ * $Id: saslutil.c,v 1.49 2009/04/27 13:26:27 murch Exp $
  */
 /* 
  * Copyright (c) 1998-2003 Carnegie Mellon University.  All rights reserved.
@@ -137,7 +137,7 @@ int sasl_encode64(const char *_in,
     if (outlen) {
 	*outlen = olen;
     }
-    if (outmax < olen) {
+    if (outmax <= olen) {
 	return SASL_BUFOVER;
     }
 
@@ -162,9 +162,7 @@ int sasl_encode64(const char *_in,
         *out++ = '=';
     }
 
-    if (olen < outmax) {
-	*out = '\0';
-    }
+    *out = '\0';
     
     return SASL_OK;
 }

-Original file line number
+Diff line change
@@ @@ -1,3 +1,7 @@ @@
 +2009-04-27  Ken Murchison <[email protected]>
 +	* lib/saslutil.c: Fixed CERT VU#238019 (make sure sasl_encode64()
 +	  always NUL terminates output or returns SASL_BUFOVER).
++
 -04-11  Alexey Melnikov <[email protected]>
 	* plugins/sql.c: Fixed SQLite lookup function.
 	  Also fixed SASL PLAIN authenticaion when used with
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`/* saslutil.c`
`2`	`2`	`* Rob Siemborski`
`3`	`3`	`* Tim Martin`
`4`		`- * $Id: saslutil.c,v 1.48 2009/04/17 06:04:50 mel Exp $`
	`4`	`+ * $Id: saslutil.c,v 1.49 2009/04/27 13:26:27 murch Exp $`
`5`	`5`	`*/`
`6`	`6`	`/*`
`7`	`7`	`* Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.`
`@@ -137,7 +137,7 @@ int sasl_encode64(const char *_in,`
`137`	`137`	`if (outlen) {`
`138`	`138`	`*outlen = olen;`
`139`	`139`	`}`
`140`		`- if (outmax < olen) {`
	`140`	`+ if (outmax <= olen) {`
`141`	`141`	`return SASL_BUFOVER;`
`142`	`142`	`}`
`143`	`143`
`@@ -162,9 +162,7 @@ int sasl_encode64(const char *_in,`
`162`	`162`	`*out++ = '=';`
`163`	`163`	`}`
`164`	`164`
`165`		`- if (olen < outmax) {`
`166`		`- *out = '\0';`
`167`		`- }`
	`165`	`+ *out = '\0';`
`168`	`166`
`169`	`167`	`return SASL_OK;`
`170`	`168`	`}`