Fixed possible buffer overflow in php_base64_decode();

author Moriyoshi Koizumi <moriyoshi@php.net>

Sun, 1 Dec 2002 02:44:50 +0000 (02:44 +0000)

committer Moriyoshi Koizumi <moriyoshi@php.net>

Sun, 1 Dec 2002 02:44:50 +0000 (02:44 +0000)
author Moriyoshi Koizumi <moriyoshi@php.net>
Sun, 1 Dec 2002 02:44:50 +0000 (02:44 +0000)
committer Moriyoshi Koizumi <moriyoshi@php.net>
Sun, 1 Dec 2002 02:44:50 +0000 (02:44 +0000)
diff --git a/ext/standard/base64.c b/ext/standard/base64.c

index 18f1e9c5328bf89717853761aa2640de62e11ce0..4fefd1bc54ea5d929350f52c81709cd10775fe74 100644 (file)
--- a/ext/standard/base64.c
+++ b/ext/standard/base64.c
@@ -140,7 +140,7 @@ unsigned char *php_base64_decode(const unsigned char *str, int length, int *ret_
         }
  
         /* run through the whole string, converting as we go */
-       while ((ch = *current++) != '\0') {
+       while ((ch = *current++) != '\0' && length-- > 0) {
                 if (ch == base64_pad) break;
  
             /* When Base64 gets POSTed, all pluses are interpreted as spaces.
author	Moriyoshi Koizumi <moriyoshi@php.net>
	Sun, 1 Dec 2002 02:44:50 +0000 (02:44 +0000)
committer	Moriyoshi Koizumi <moriyoshi@php.net>
	Sun, 1 Dec 2002 02:44:50 +0000 (02:44 +0000)