[PATCH v2 0/2] Fix out-of-bounds potential in decode_base64 and add regression tests
Jonas Rebmann
jre at pengutronix.de
Tue Dec 2 01:22:43 PST 2025
I took a closer look at decode_base64 while reviewing coverity report
584740 (Out-of-bounds access). 1/2 resolves the issue (although coverity
seems to suspect an out-of-bounds access for the wrong reason and might
keep doing so), 2/2 adds a selftest I used to debug the issue.
Signed-off-by: Jonas Rebmann <jre at pengutronix.de>
---
Changes in v2:
- correct name of helper function from __expect_streq() to
__expect_base64()
- Link to v1: https://lore.barebox.org/barebox/20251201-base64-bounds-v1-0-3ae2b2e8b7cb@pengutronix.de
---
Jonas Rebmann (2):
lib: base64: Fix out-of-bounds potential by respecting dst_len
test: self: add base64 selftests
lib/base64.c | 10 +++++-----
test/self/Kconfig | 7 +++++++
test/self/Makefile | 1 +
test/self/base64.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 58 insertions(+), 5 deletions(-)
---
base-commit: ec00fef65d808f8bc9c5655262b0e4f8ce2c4e92
change-id: 20251201-base64-bounds-ed379c2c6ff7
Best regards,
--
Jonas Rebmann <jre at pengutronix.de>
More information about the barebox
mailing list