diff options
author | pixel <pixel> | 2007-07-23 08:36:38 +0000 |
---|---|---|
committer | pixel <pixel> | 2007-07-23 08:36:38 +0000 |
commit | 9e8aec3df93a2c3ddbfa210c623ccd481d0fe4a6 (patch) | |
tree | 0c6c55d6020daee79ebfb8461b38fb7a33db7586 | |
parent | 76a1252e40c51ebc1c58c01e25677bef864b3f3f (diff) |
Deadly fix in Base64...
-rw-r--r-- | lib/Base64.cc | 23 | ||||
-rw-r--r-- | lib/HttpServ.cc | 6 |
2 files changed, 16 insertions, 13 deletions
diff --git a/lib/Base64.cc b/lib/Base64.cc index 6c16f47..a6e5237 100644 --- a/lib/Base64.cc +++ b/lib/Base64.cc @@ -17,7 +17,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* $Id: Base64.cc,v 1.3 2007-06-11 11:25:36 pixel Exp $ */ +/* $Id: Base64.cc,v 1.4 2007-07-23 08:36:38 pixel Exp $ */ #include <Base64.h> @@ -87,20 +87,21 @@ int Base64::decode_block(char s1, char s2, char s3, char s4, unsigned char * out } unsigned char * Base64::decode(const String & str_in, int * len_out) { - int s_len = str_in.strlen() / 4, len = 0, i, j, t_len; + int s_len = str_in.strlen(), len = 0, i, j, t_len; char s1, s2, s3, s4; - unsigned char t_out[2]; - unsigned char * out = (unsigned char *) malloc(s_len * 3 + 1); + unsigned char t_out[3]; + unsigned char * out = (unsigned char *) malloc(s_len * 3 / 4 + 4); + unsigned char * p = out; - for (i = 0; i < s_len; i++) { - s1 = str_in[i * 4 + 0]; - s2 = str_in[i * 4 + 1]; - s3 = str_in[i * 4 + 2]; - s4 = str_in[i * 4 + 3]; + for (i = 0; i < s_len; i += 4) { + s1 = str_in[i + 0]; + s2 = str_in[i + 1]; + s3 = str_in[i + 2]; + s4 = str_in[i + 3]; t_len = decode_block(s1, s2, s3, s4, t_out); - + for (j = 0; j < t_len; j++) { - out[i * 3 + j] = t_out[j]; + *(p++) = t_out[j]; } len += t_len; diff --git a/lib/HttpServ.cc b/lib/HttpServ.cc index d00890e..b9fb06b 100644 --- a/lib/HttpServ.cc +++ b/lib/HttpServ.cc @@ -17,7 +17,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* $Id: HttpServ.cc,v 1.52 2007-06-18 09:25:47 pixel Exp $ */ +/* $Id: HttpServ.cc,v 1.53 2007-07-23 08:36:38 pixel Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -111,7 +111,9 @@ int ProcessRequest::Do() throw(GeneralException) { host = t.extract(6); } if (t.strstr("Authorization: Basic ") == 0) { - char * credentials = (char *) Base64::decode(t.extract(21), 0); + int l; + char * credentials = (char *) Base64::decode(t.extract(21), &l); + credentials[l] = 0; char * p = strchr(credentials, ':'); if (p) { |