You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@xerces.apache.org by sc...@apache.org on 2017/07/06 17:53:24 UTC

svn commit: r1801088 - /xerces/c/trunk/src/xercesc/util/Base64.cpp

Author: scantor
Date: Thu Jul  6 17:53:23 2017
New Revision: 1801088

URL: http://svn.apache.org/viewvc?rev=1801088&view=rev
Log:
XERCESC-2105 - Fix potential size_t overflows

Modified:
    xerces/c/trunk/src/xercesc/util/Base64.cpp

Modified: xerces/c/trunk/src/xercesc/util/Base64.cpp
URL: http://svn.apache.org/viewvc/xerces/c/trunk/src/xercesc/util/Base64.cpp?rev=1801088&r1=1801087&r2=1801088&view=diff
==============================================================================
--- xerces/c/trunk/src/xercesc/util/Base64.cpp (original)
+++ xerces/c/trunk/src/xercesc/util/Base64.cpp Thu Jul  6 17:53:23 2017
@@ -143,15 +143,20 @@ XMLByte* Base64::encode(const XMLByte* c
                       , XMLSize_t*           outputLength                      
                       , MemoryManager* const memMgr)
 {
-    if (!inputData || !outputLength)
+    if (!inputData || !outputLength) {
         return 0;
+    }
+    else if (XERCES_SIZE_MAX - inputLength < 2) {
+        return 0;
+    }
 
-    int quadrupletCount = ( (int)inputLength + 2 ) / 3;
-    if (quadrupletCount == 0)
+    XMLSize_t quadrupletCount = (inputLength + 2 ) / 3;
+    if (quadrupletCount == 0) {
         return 0;
+    }
 
     // number of rows in encoded stream ( including the last one )
-    int lineCount = ( quadrupletCount + quadsPerLine-1 ) / quadsPerLine;
+    XMLSize_t lineCount = ( quadrupletCount + quadsPerLine-1 ) / quadsPerLine;
 
     //
     // convert the triplet(s) to quadruplet(s)
@@ -165,7 +170,7 @@ XMLByte* Base64::encode(const XMLByte* c
     //
     // Process all quadruplet(s) except the last
     //
-    int quad = 1;
+    XMLSize_t quad = 1;
     for (; quad <= quadrupletCount-1; quad++ )
     {
         // read triplet from the input stream
@@ -512,7 +517,7 @@ XMLByte* Base64::decode (   const XMLByt
     if (( rawInputLength % FOURBYTE ) != 0 )
         return 0;
 
-    int quadrupletCount = (int)rawInputLength / FOURBYTE;
+    XMLSize_t quadrupletCount = rawInputLength / FOURBYTE;
     if ( quadrupletCount == 0 )
         return 0;
 
@@ -529,7 +534,7 @@ XMLByte* Base64::decode (   const XMLByt
     //
     // Process all quadruplet(s) except the last
     //
-    int quad = 1;
+    XMLSize_t quad = 1;
     for (; quad <= quadrupletCount-1; quad++ )
     {
         // read quadruplet from the input stream



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@xerces.apache.org
For additional commands, e-mail: commits-help@xerces.apache.org