From d14ebdbf0e6fcb031544402105324c6183b82443 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Wed, 10 Jun 2020 23:26:05 +0800
Subject: avoid zero length array in base64_decode

---
 libtomcrypt/src/misc/base64/base64_decode.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'libtomcrypt/src')

diff --git a/libtomcrypt/src/misc/base64/base64_decode.c b/libtomcrypt/src/misc/base64/base64_decode.c
index 4c58c68..c1d3c80 100644
--- a/libtomcrypt/src/misc/base64/base64_decode.c
+++ b/libtomcrypt/src/misc/base64/base64_decode.c
@@ -43,8 +43,8 @@ static const unsigned char map_base64[256] = {
 255, 255, 255, 255 };
 #endif /* LTC_BASE64 */
 
-static const unsigned char map_base64url[] = {
 #if defined(LTC_BASE64_URL)
+static const unsigned char map_base64url[] = {
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
@@ -67,8 +67,8 @@ static const unsigned char map_base64url[] = {
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255,
 255, 255, 255, 255
-#endif /* LTC_BASE64_URL */
 };
+#endif /* LTC_BASE64_URL */
 
 enum {
    relaxed = 0,
@@ -117,8 +117,14 @@ static int _base64_decode_internal(const unsigned char *in,  unsigned long inlen
    }
 
    if (y != 0) {
+      int allow_b64url = 0;
+#ifdef LTC_BASE64_URL
+      if (map == map_base64url) {
+        allow_b64url = 1;
+      }
+#endif
       if (y == 1) return CRYPT_INVALID_PACKET;
-      if ((y + g) != 4 && is_strict && map != map_base64url) return CRYPT_INVALID_PACKET;
+      if ((y + g) != 4 && is_strict && !allow_b64url) return CRYPT_INVALID_PACKET;
       t = t << (6 * (4 - y));
       if (z + y - 1 > *outlen) return CRYPT_BUFFER_OVERFLOW;
       if (y >= 2) out[z++] = (unsigned char) ((t >> 16) & 255);
-- 
cgit v1.2.3