[Bug 224141] possible Off-by-one bug in the Base64 decoding in the wpa supplicant

bugzilla-noreply Thu, 07 Dec 2017 10:16:06 -0800

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224141


Timothy Brown <tbr...@freeshell.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |tbr...@freeshell.org

--- Comment #1 from Timothy Brown <tbr...@freeshell.org> ---
Hi Ivan,

I was wondering if you've got a test case that shows this "off-by-one"?

As when I read the code, I do not believe there is an "off-by-one" error.
The base64_table:

static const unsigned char base64_table[65] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

Is defined as size 65, yet contains 64 elements and the last trailing NULL.

So sizeof(base64_table) will return 65, yet the for loop is creating the 
reverse base64 lookup in dtable, so we only want to do this for elements 
in base64_table. Which is sizeof(base64_table) -1, or strlen(base64_table).

This is my understanding of the code and I am unable to encode/decode an error.
I would be interested to hear your thoughts.

Regards
Tim

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-wireless@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-wireless
To unsubscribe, send any mail to "freebsd-wireless-unsubscr...@freebsd.org"

[Bug 224141] possible Off-by-one bug in the Base64 decoding in the wpa supplicant

Reply via email to