Commit 05ef3b95 authored by Nick Mathewson's avatar Nick Mathewson 🥔
Browse files

Merge branch 'maint-0.3.0'

parents f0fa7dcd f1613b53
Loading
Loading
Loading
Loading

changes/bug21894_029

0 → 100644
+5 −0
Original line number Diff line number Diff line
  o Minor bugfixes (crash prevention):
    - Fix an (currently untriggerable, but potentially dangerous) crash
      bug when base32-encoding inputs whose sizes are not a multiple of
      5. Fixes bug 21894; bugfix on 0.2.9.1-alpha.
+4 −3
Original line number Diff line number Diff line
@@ -53,9 +53,10 @@ base32_encode(char *dest, size_t destlen, const char *src, size_t srclen)

  for (i=0,bit=0; bit < nbits; ++i, bit+=5) {
    /* set v to the 16-bit value starting at src[bits/8], 0-padded. */
    v = ((uint8_t)src[bit/8]) << 8;
    if (bit+5<nbits)
      v += (uint8_t)src[(bit/8)+1];
    size_t idx = bit / 8;
    v = ((uint8_t)src[idx]) << 8;
    if (idx+1 < srclen)
      v += (uint8_t)src[idx+1];
    /* set u to the 5-bit value at the bit'th bit of buf. */
    u = (v >> (11-(bit%8))) & 0x1F;
    dest[i] = BASE32_CHARS[u];