Fix bug in Base32::decode and add bounds check

The bug that was fixed, was affecting how the number of bytes of decoded data was  calculated and thus, even though it didn't truncate the result, it was causing the array to be resized unnecessarily.
This commit is contained in:
Adolfo E. García 2017-10-20 18:05:33 -06:00 committed by Janek Bevendorff
parent 24f560aaa2
commit c731f8e5c0

View File

@ -83,7 +83,7 @@ QVariant Base32::decode(const QByteArray& encodedData)
Q_ASSERT(encodedData.size() > 0); Q_ASSERT(encodedData.size() > 0);
const int nQuanta = encodedData.size() / 8; const int nQuanta = encodedData.size() / 8;
const int nBytes = (nQuanta - 1) * 5 + nSpecialBytes; const int nBytes = nSpecialBytes > 0 ? (nQuanta - 1) * 5 + nSpecialBytes : nQuanta * 5;
QByteArray data(nBytes, Qt::Uninitialized); QByteArray data(nBytes, Qt::Uninitialized);
@ -126,12 +126,17 @@ QVariant Base32::decode(const QByteArray& encodedData)
const int offset = (nQuantumBytes - 1) * 8; const int offset = (nQuantumBytes - 1) * 8;
quint64 mask = quint64(0xFF) << offset; quint64 mask = quint64(0xFF) << offset;
for (int n = offset; n >= 0; n -= 8) { for (int n = offset; n >= 0; n -= 8) {
char c = static_cast<char>((quantum & mask) >> n); if (o < nBytes) {
data[o++] = c; data[o++] = static_cast<char>((quantum & mask) >> n);
mask >>= 8; mask >>= 8;
} else {
break;
}
} }
} }
Q_ASSERT(nBytes == o);
return QVariant::fromValue(data); return QVariant::fromValue(data);
} }
@ -144,6 +149,7 @@ QByteArray Base32::encode(const QByteArray& data)
const int nBits = data.size() * 8; const int nBits = data.size() * 8;
const int rBits = nBits % 40; // in {0, 8, 16, 24, 32} const int rBits = nBits % 40; // in {0, 8, 16, 24, 32}
const int nQuanta = nBits / 40 + (rBits > 0 ? 1 : 0); const int nQuanta = nBits / 40 + (rBits > 0 ? 1 : 0);
const int nBytes = nQuanta * 8;
QByteArray encodedData(nQuanta * 8, Qt::Uninitialized); QByteArray encodedData(nQuanta * 8, Qt::Uninitialized);
int i = 0; int i = 0;
@ -211,7 +217,8 @@ QByteArray Base32::encode(const QByteArray& data)
} }
} }
Q_ASSERT(encodedData.size() == o); Q_ASSERT(data.size() == i);
Q_ASSERT(nBytes == o);
return encodedData; return encodedData;
} }