aboutsummaryrefslogtreecommitdiff
path: root/util/base64.c
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2015-11-23 15:24:50 +0000
committerDaniel P. Berrange <berrange@redhat.com>2015-12-18 16:25:08 +0000
commit89bc0b6cae6e40e9247bf911162b0aee0c818c4c (patch)
treebe3ea0fed48a497e04e74b999d63e979faed3eea /util/base64.c
parent18f49881cf8359e89396aac12f5d3cf3f8a632ba (diff)
util: add base64 decoding function
The standard glib provided g_base64_decode doesn't provide any kind of sensible error checking on its input. Add a QEMU custom wrapper qbase64_decode which can be used with untrustworthy input that can contain invalid base64 characters, embedded NUL characters, or not be NUL terminated at all. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Diffstat (limited to 'util/base64.c')
-rw-r--r--util/base64.c60
1 files changed, 60 insertions, 0 deletions
diff --git a/util/base64.c b/util/base64.c
new file mode 100644
index 0000000000..f82caa7c8b
--- /dev/null
+++ b/util/base64.c
@@ -0,0 +1,60 @@
+/*
+ * QEMU base64 helpers
+ *
+ * Copyright (c) 2015 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include <config-host.h>
+
+#include "qemu/base64.h"
+
+static const char *base64_valid_chars =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\n";
+
+uint8_t *qbase64_decode(const char *input,
+ size_t in_len,
+ size_t *out_len,
+ Error **errp)
+{
+ *out_len = 0;
+
+ if (in_len != -1) {
+ /* Lack of NUL terminator is an error */
+ if (input[in_len] != '\0') {
+ error_setg(errp, "Base64 data is not NUL terminated");
+ return NULL;
+ }
+ /* Check there's no NULs embedded since we expect
+ * this to be valid base64 data */
+ if (memchr(input, '\0', in_len) != NULL) {
+ error_setg(errp, "Base64 data contains embedded NUL characters");
+ return NULL;
+ }
+
+ /* Now we know its a valid nul terminated string
+ * strspn is safe to use... */
+ } else {
+ in_len = strlen(input);
+ }
+
+ if (strspn(input, base64_valid_chars) != in_len) {
+ error_setg(errp, "Base64 data contains invalid characters");
+ return NULL;
+ }
+
+ return g_base64_decode(input, out_len);
+}