From 0f557e9065b0bcfce38ee1fea5fc947bf0c5431c Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Thu, 15 Oct 2015 21:40:17 +0100 Subject: [PATCH] DKIM: ignore space & tab embedded in base64 during decode. Bug 1700 --- doc/doc-txt/ChangeLog | 4 ++++ src/src/pdkim/base64.c | 20 ++++++++++++-------- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 14f0dc737..4fb36643e 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -54,6 +54,10 @@ JH/07 Bug 1678: Always record an interface option value, if set, as part of a different interface settings and the retry behaviour needs to be kept distinct. +JH/08 Bug 1586: exiqgrep now refuses to run if there are unexpected arguments. + +JH/09 Bug 1700: ignore space & tab embedded in base64 during decode. + Exim version 4.86 ----------------- diff --git a/src/src/pdkim/base64.c b/src/src/pdkim/base64.c index a82fc2d75..1395be42c 100644 --- a/src/src/pdkim/base64.c +++ b/src/src/pdkim/base64.c @@ -128,20 +128,22 @@ int base64_decode( unsigned char *dst, int *dlen, for( i = j = n = 0; i < slen; i++ ) { + unsigned char c = src[i]; + if( ( slen - i ) >= 2 && - src[i] == '\r' && src[i + 1] == '\n' ) + c == '\r' && src[i + 1] == '\n' ) continue; - if( src[i] == '\n' ) + if( c == '\n' || c == ' ' || c == '\t' ) continue; - if( src[i] == '=' && ++j > 2 ) + if( c == '=' && ++j > 2 ) return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); - if( src[i] > 127 || base64_dec_map[src[i]] == 127 ) + if( c > 127 || base64_dec_map[src[i]] == 127 ) return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); - if( base64_dec_map[src[i]] < 64 && j != 0 ) + if( base64_dec_map[c] < 64 && j != 0 ) return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); n++; @@ -160,11 +162,13 @@ int base64_decode( unsigned char *dst, int *dlen, for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ ) { - if( *src == '\r' || *src == '\n' ) + unsigned char c = *src; + + if( c == '\r' || c == '\n' || c == ' ' || c == '\t' ) continue; - j -= ( base64_dec_map[*src] == 64 ); - x = (x << 6) | ( base64_dec_map[*src] & 0x3F ); + j -= ( base64_dec_map[c] == 64 ); + x = (x << 6) | ( base64_dec_map[c] & 0x3F ); if( ++n == 4 ) { -- 2.25.1