[base64] Add buffer size parameter to base64_encode() and base64_decode()

Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Michael Brown 2015-04-24 16:32:04 +0200
committer: Michael Brown 2015-04-24 16:32:04 +0200
commit: 1205721cbd1930d22b7adcb3211040c7152e3171 (patch)
tree: e3d7a1ff444a4ff0cea8ee38a9f4ef16eb323d31 /src
parent: [base16] Add buffer size parameter to base16_encode() and base16_decode() (diff)
download: ipxe-1205721cbd1930d22b7adcb3211040c7152e3171.tar.gz
ipxe-1205721cbd1930d22b7adcb3211040c7152e3171.tar.xz
ipxe-1205721cbd1930d22b7adcb3211040c7152e3171.zip
7 files changed, 84 insertions, 77 deletions
diff --git a/src/core/base64.c b/src/core/base64.c
index c115fcea..e452f7d4 100644
--- a/src/core/base64.c
+++ b/src/core/base64.c
@@ -43,80 +43,73 @@ static const char base64[64] =
  * Base64-encode data
  *
  * @v raw		Raw data
- * @v len		Length of raw data
- * @v encoded		Buffer for encoded string
- *
- * The buffer must be the correct length for the encoded string.  Use
- * something like
- *
- *     char buf[ base64_encoded_len ( len ) + 1 ];
- *
- * (the +1 is for the terminating NUL) to provide a buffer of the
- * correct size.
+ * @v raw_len		Length of raw data
+ * @v data		Buffer
+ * @v len		Length of buffer
+ * @ret len		Encoded length
  */
-void base64_encode ( const uint8_t *raw, size_t len, char *encoded ) {
+size_t base64_encode ( const void *raw, size_t raw_len, char *data,
+		       size_t len ) {
 	const uint8_t *raw_bytes = ( ( const uint8_t * ) raw );
-	uint8_t *encoded_bytes = ( ( uint8_t * ) encoded );
-	size_t raw_bit_len = ( 8 * len );
+	size_t raw_bit_len = ( 8 * raw_len );
+	size_t used = 0;
 	unsigned int bit;
 	unsigned int byte;
 	unsigned int shift;
 	unsigned int tmp;
 
-	for ( bit = 0 ; bit < raw_bit_len ; bit += 6 ) {
+	for ( bit = 0 ; bit < raw_bit_len ; bit += 6, used++ ) {
 		byte = ( bit / 8 );
 		shift = ( bit % 8 );
 		tmp = ( raw_bytes[byte] << shift );
-		if ( ( byte + 1 ) < len )
+		if ( ( byte + 1 ) < raw_len )
 			tmp |= ( raw_bytes[ byte + 1 ] >> ( 8 - shift ) );
 		tmp = ( ( tmp >> 2 ) & 0x3f );
-		*(encoded_bytes++) = base64[tmp];
+		if ( used < len )
+			data[used] = base64[tmp];
 	}
-	for ( ; ( bit % 8 ) != 0 ; bit += 6 )
-		*(encoded_bytes++) = '=';
-	*(encoded_bytes++) = '\0';
+	for ( ; ( bit % 8 ) != 0 ; bit += 6, used++ ) {
+		if ( used < len )
+			data[used] = '=';
+	}
+	if ( used < len )
+		data[used] = '\0';
+	if ( len )
+		data[ len - 1 ] = '\0'; /* Ensure terminator exists */
 
-	DBG ( "Base64-encoded to \"%s\":\n", encoded );
-	DBG_HDA ( 0, raw, len );
-	assert ( strlen ( encoded ) == base64_encoded_len ( len ) );
+	return used;
 }
 
 /**
  * Base64-decode string
  *
  * @v encoded		Encoded string
- * @v raw		Raw data
- * @ret len		Length of raw data, or negative error
- *
- * The buffer must be large enough to contain the decoded data.  Use
- * something like
- *
- *     char buf[ base64_decoded_max_len ( encoded ) ];
- *
- * to provide a buffer of the correct size.
+ * @v data		Buffer
+ * @v len		Length of buffer
+ * @ret len		Length of data, or negative error
  */
-int base64_decode ( const char *encoded, uint8_t *raw ) {
-	const uint8_t *encoded_bytes = ( ( const uint8_t * ) encoded );
-	uint8_t *raw_bytes = ( ( uint8_t * ) raw );
-	uint8_t encoded_byte;
+int base64_decode ( const char *encoded, void *data, size_t len ) {
+	const char *in = encoded;
+	uint8_t *out = data;
+	uint8_t in_char;
 	char *match;
-	int decoded;
+	int in_bits;
 	unsigned int bit = 0;
 	unsigned int pad_count = 0;
-	size_t len;
+	size_t offset;
 
-	/* Zero the raw data */
-	memset ( raw, 0, base64_decoded_max_len ( encoded ) );
+	/* Zero the output buffer */
+	memset ( data, 0, len );
 
 	/* Decode string */
-	while ( ( encoded_byte = *(encoded_bytes++) ) ) {
+	while ( ( in_char = *(in++) ) ) {
 
 		/* Ignore whitespace characters */
-		if ( isspace ( encoded_byte ) )
+		if ( isspace ( in_char ) )
 			continue;
 
 		/* Process pad characters */
-		if ( encoded_byte == '=' ) {
+		if ( in_char == '=' ) {
 			if ( pad_count >= 2 ) {
 				DBG ( "Base64-encoded string \"%s\" has too "
 				      "many pad characters\n", encoded );
@@ -133,18 +126,22 @@ int base64_decode ( const char *encoded, uint8_t *raw ) {
 		}
 
 		/* Process normal characters */
-		match = strchr ( base64, encoded_byte );
+		match = strchr ( base64, in_char );
 		if ( ! match ) {
 			DBG ( "Base64-encoded string \"%s\" contains invalid "
-			      "character '%c'\n", encoded, encoded_byte );
+			      "character '%c'\n", encoded, in_char );
 			return -EINVAL;
 		}
-		decoded = ( match - base64 );
+		in_bits = ( match - base64 );
 
 		/* Add to raw data */
-		decoded <<= 2;
-		raw_bytes[ bit / 8 ] |= ( decoded >> ( bit % 8 ) );
-		raw_bytes[ bit / 8 + 1 ] |= ( decoded << ( 8 - ( bit % 8 ) ) );
+		in_bits <<= 2;
+		offset = ( bit / 8 );
+		if ( offset < len )
+			out[offset] |= ( in_bits >> ( bit % 8 ) );
+		offset++;
+		if ( offset < len )
+			out[offset] |= ( in_bits << ( 8 - ( bit % 8 ) ) );
 		bit += 6;
 	}
 
@@ -154,12 +151,7 @@ int base64_decode ( const char *encoded, uint8_t *raw ) {
 		      "%d\n", encoded, bit );
 		return -EINVAL;
 	}
-	len = ( bit / 8 );
-
-	DBG ( "Base64-decoded \"%s\" to:\n", encoded );
-	DBG_HDA ( 0, raw, len );
-	assert ( len <= base64_decoded_max_len ( encoded ) );
 
 	/* Return length in bytes */
-	return ( len );
+	return ( bit / 8 );
 }
diff --git a/src/crypto/ocsp.c b/src/crypto/ocsp.c
index 66e47c57..5df55bc9 100644
--- a/src/crypto/ocsp.c
+++ b/src/crypto/ocsp.c
@@ -233,7 +233,7 @@ static int ocsp_uri_string ( struct ocsp_check *ocsp ) {
 		goto err_path_base64;
 	}
 	base64_encode ( ocsp->request.builder.data, ocsp->request.builder.len,
-			path_base64_string );
+			path_base64_string, path_len );
 
 	/* URI-encode the Base64-encoded request */
 	memset ( &path_uri, 0, sizeof ( path_uri ) );
diff --git a/src/include/ipxe/base64.h b/src/include/ipxe/base64.h
index eeae2f39..0c70d838 100644
--- a/src/include/ipxe/base64.h
+++ b/src/include/ipxe/base64.h
@@ -35,7 +35,8 @@ static inline size_t base64_decoded_max_len ( const char *encoded ) {
 	return ( ( ( strlen ( encoded ) + 4 - 1 ) / 4 ) * 3 );
 }
 
-extern void base64_encode ( const uint8_t *raw, size_t len, char *encoded );
-extern int base64_decode ( const char *encoded, uint8_t *raw );
+extern size_t base64_encode ( const void *raw, size_t raw_len, char *data,
+			      size_t len );
+extern int base64_decode ( const char *encoded, void *data, size_t len );
 
 #endif /* _IPXE_BASE64_H */
diff --git a/src/net/tcp/httpcore.c b/src/net/tcp/httpcore.c
index d94ab5f0..f14ce9a8 100644
--- a/src/net/tcp/httpcore.c
+++ b/src/net/tcp/httpcore.c
@@ -1081,7 +1081,8 @@ static char * http_basic_auth ( struct http_request *http ) {
 	snprintf ( user_pw, sizeof ( user_pw ), "%s:%s", user, password );
 
 	/* Base64-encode the "user:password" string */
-	base64_encode ( ( void * ) user_pw, user_pw_len, user_pw_base64 );
+	base64_encode ( user_pw, user_pw_len, user_pw_base64,
+			sizeof ( user_pw_base64 ) );
 
 	/* Generate the authorisation string */
 	len = asprintf ( &auth, "Authorization: Basic %s\r\n",
diff --git a/src/net/tcp/iscsi.c b/src/net/tcp/iscsi.c
index e553b214..0099bf5b 100644
--- a/src/net/tcp/iscsi.c
+++ b/src/net/tcp/iscsi.c
@@ -845,7 +845,7 @@ static int iscsi_large_binary_decode ( const char *encoded, uint8_t *raw,
 		case 'x' :
 			return base16_decode ( encoded, raw, len );
 		case 'b' :
-			return base64_decode ( encoded, raw );
+			return base64_decode ( encoded, raw, len );
 		}
 	}
 
diff --git a/src/net/validator.c b/src/net/validator.c
index 4c26cd1b..a01269da 100644
--- a/src/net/validator.c
+++ b/src/net/validator.c
@@ -254,7 +254,8 @@ static int validator_start_download ( struct validator *validator,
 	/* Generate URI string */
 	len = snprintf ( uri_string, uri_string_len, "%s/%08x.der?subject=",
 			 crosscert, crc );
-	base64_encode ( issuer->data, issuer->len, ( uri_string + len ) );
+	base64_encode ( issuer->data, issuer->len, ( uri_string + len ),
+			( uri_string_len - len ) );
 	DBGC ( validator, "VALIDATOR %p downloading cross-signed certificate "
 	       "from %s\n", validator, uri_string );
 
diff --git a/src/tests/base64_test.c b/src/tests/base64_test.c
index b22158f5..0fc595d9 100644
--- a/src/tests/base64_test.c
+++ b/src/tests/base64_test.c
@@ -80,30 +80,42 @@ BASE64 ( random_test,
  * Report a base64 encoding test result
  *
  * @v test		Base64 test
+ * @v file		Test code file
+ * @v line		Test code line
  */
-#define base64_encode_ok( test ) do {					\
-	size_t len = base64_encoded_len ( (test)->len );		\
-	char buf[ len + 1 /* NUL */ ];					\
-	ok ( len == strlen ( (test)->encoded ) );			\
-	base64_encode ( (test)->data, (test)->len, buf );		\
-	ok ( strcmp ( (test)->encoded, buf ) == 0 );			\
-	} while ( 0 )
+static void base64_encode_okx ( struct base64_test *test, const char *file,
+				unsigned int line ) {
+	size_t len = base64_encoded_len ( test->len );
+	char buf[ len + 1 /* NUL */ ];
+	size_t check_len;
+
+	okx ( len == strlen ( test->encoded ), file, line );
+	check_len = base64_encode ( test->data, test->len, buf, sizeof ( buf ));
+	okx ( check_len == len, file, line );
+	okx ( strcmp ( test->encoded, buf ) == 0, file, line );
+}
+#define base64_encode_ok( test ) base64_encode_okx ( test, __FILE__, __LINE__ )
 
 /**
  * Report a base64 decoding test result
  *
  * @v test		Base64 test
+ * @v file		Test code file
+ * @v line		Test code line
  */
-#define base64_decode_ok( test ) do {					\
-	size_t max_len = base64_decoded_max_len ( (test)->encoded );	\
-	uint8_t buf[max_len];						\
-	int len;							\
-	len = base64_decode ( (test)->encoded, buf );			\
-	ok ( len >= 0 );						\
-	ok ( ( size_t ) len <= max_len );				\
-	ok ( ( size_t ) len == (test)->len );				\
-	ok ( memcmp ( (test)->data, buf, len ) == 0 );			\
-	} while ( 0 )
+static void base64_decode_okx ( struct base64_test *test, const char *file,
+				unsigned int line ) {
+	size_t max_len = base64_decoded_max_len ( test->encoded );
+	uint8_t buf[max_len];
+	int len;
+
+	len = base64_decode ( test->encoded, buf, sizeof ( buf ) );
+	okx ( len >= 0, file, line );
+	okx ( ( size_t ) len <= max_len, file, line );
+	okx ( ( size_t ) len == test->len, file, line );
+	okx ( memcmp ( test->data, buf, len ) == 0, file, line );
+}
+#define base64_decode_ok( test ) base64_decode_okx ( test, __FILE__, __LINE__ )
 
 /**
  * Perform Base64 self-tests
author	Michael Brown	2015-04-24 16:32:04 +0200
committer	Michael Brown	2015-04-24 16:32:04 +0200
commit	1205721cbd1930d22b7adcb3211040c7152e3171 (patch)
tree	e3d7a1ff444a4ff0cea8ee38a9f4ef16eb323d31 /src
parent	[base16] Add buffer size parameter to base16_encode() and base16_decode() (diff)
download	ipxe-1205721cbd1930d22b7adcb3211040c7152e3171.tar.gz ipxe-1205721cbd1930d22b7adcb3211040c7152e3171.tar.xz ipxe-1205721cbd1930d22b7adcb3211040c7152e3171.zip