Changeset b38d399 for lib/oauth.c


Ignore:
Timestamp:
2014-11-24T05:16:09Z (5 years ago)
Author:
dequis <dx@…>
Branches:
master
Children:
9f8bb17
Parents:
e2472dd
Message:

Use glib functions for base64 decoding/encoding

This fixes several coverity warnings about 'tainted data index sink' and
a fixme about thread safety in the old base64_decode implementation.

Had to adapt the code that used base64_encode_real:

  • oauth.c: different character set order, but it's for the nonce so it doesn't matter
  • libyahoo2.c: used as part of the auth, changes "+/=" into "._-". Fixed by encoding first the usual way through glib, then replacing.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • lib/oauth.c

    re2472dd rb38d399  
    7676{
    7777        unsigned char bytes[21];
    78         char *ret = g_new0( char, sizeof( bytes) / 3 * 4 + 1 );
    79        
    8078        random_bytes( bytes, sizeof( bytes ) );
    81         base64_encode_real( bytes, sizeof( bytes), (unsigned char*) ret, "0123456789"
    82                             "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0A" );
    83        
    84         return ret;
     79        return base64_encode( bytes, sizeof( bytes ) );
    8580}
    8681
Note: See TracChangeset for help on using the changeset viewer.