[SASL-CVS] src/sasl/lib by murch
Alexey Melnikov
alexey.melnikov at isode.com
Mon Apr 27 11:45:38 EDT 2009
murch at andrew.cmu.edu wrote:
>Update of /afs/andrew/system/cvs/src/sasl/lib
>In directory unix11.andrew.cmu.edu:/var/tmp/cvs-serv5340/lib
>
>Modified Files:
> saslutil.c
>Log Message:
>Fixed CERT VU#238019 (make sure sasl_encode64() always NUL terminates output or returns SASL_BUFOVER)
>
>
>--- links to diffs follow ---
>http://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/lib/saslutil.c.diff?r1=1.48&r2=1.49
>
Note that there is a side-effect of this change: implementations that
allocate needed size + 1 byte and only pass in the needed size would
stop working.
E.g.
base64len = (length * 4 / 3) + ((length % 3) ? 4 : 0);
data = malloc(base64len + 1);
if (sasl_encode64(binary,
length,
data,
base64len,
NULL) != SASL_OK) {
////Error
}
would return SASL_BUFOVER now. To fix this one needs to pass
"base64len+1" in the 4th parameter.
More information about the Cyrus-sasl
mailing list