From 43216777e5e4ecc4ffdce7471925970f4f1a701b Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 23 Feb 2019 16:09:31 +0200
Subject: [PATCH] UBSan: Avoid unsigned integer overflow in base64 encoding

Add a constraint on the base64 encoded buffer length to avoid an integer
overflow in the output length calculation.

common.c:1087:16: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'size_t' (aka 'unsigned long')

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/utils/base64.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/utils/base64.c b/src/utils/base64.c
index 8eb4ba127..53a92f49e 100644
--- a/src/utils/base64.c
+++ b/src/utils/base64.c
@@ -1,12 +1,13 @@
 /*
  * Base64 encoding/decoding (RFC1341)
- * Copyright (c) 2005-2011, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2005-2019, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
  */
 
 #include "includes.h"
+#include <stdint.h>
 
 #include "os.h"
 #include "base64.h"
@@ -27,6 +28,8 @@ static unsigned char * base64_gen_encode(const unsigned char *src, size_t len,
 	size_t olen;
 	int line_len;
 
+	if (len >= SIZE_MAX / 4)
+		return NULL;
 	olen = len * 4 / 3 + 4; /* 3-byte blocks to 4-byte */
 	if (add_pad)
 		olen += olen / 72; /* line feeds */