coreutils/backport-maint-basenc-consistently-check-buffer-bounds-when-e.patch

From a46f34bb56d545369a6b1321c2d78ac08b676c06 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
Date: Tue, 19 Mar 2024 15:55:18 +0000
Subject: [PATCH] maint: basenc: consistently check buffer bounds when encoding

* src/basenc.c (base16_encode, base2msbf_encode, base2lsbf_encode):
Ensure we don't overflow the output buffer, whose length is
passed in the OUTLEN parameter.  This issue was flagged by clang
with -Wunused-but-set-parameter.

Reference:https://github.com/coreutils/coreutils/commit/a46f34bb56d545369a6b1321c2d78ac08b676c06
Conflict:Adapt to context.

---
 src/basenc.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/basenc.c b/src/basenc.c
index f4ca872..a3f89da 100644
--- a/src/basenc.c
+++ b/src/basenc.c
@@ -508,12 +508,14 @@ static void
 base16_encode (char const *restrict in, idx_t inlen,
                char *restrict out, idx_t outlen)
 {
-  while (inlen--)
+  while (inlen && outlen)
     {
       unsigned char c = *in;
       *out++ = base16[c >> 4];
       *out++ = base16[c & 0x0F];
       ++in;
+      inlen--;
+      outlen -= 2;
     }
 }
 
@@ -784,7 +786,7 @@ inline static void
 base2msbf_encode (char const *restrict in, idx_t inlen,
                   char *restrict out, idx_t outlen)
 {
-  while (inlen--)
+  while (inlen && outlen)
     {
       unsigned char c = *in;
       for (int i = 0; i < 8; i++)
@@ -792,6 +794,7 @@ base2msbf_encode (char const *restrict in, idx_t inlen,
           *out++ = c & 0x80 ? '1' : '0';
           c <<= 1;
         }
+      inlen--;
       outlen -= 8;
       ++in;
     }
@@ -801,7 +804,7 @@ inline static void
 base2lsbf_encode (char const *restrict in, idx_t inlen,
                   char *restrict out, idx_t outlen)
 {
-  while (inlen--)
+  while (inlen && outlen)
     {
       unsigned char c = *in;
       for (int i = 0; i < 8; i++)
@@ -809,6 +812,7 @@ base2lsbf_encode (char const *restrict in, idx_t inlen,
           *out++ = c & 0x01 ? '1' : '0';
           c >>= 1;
         }
+      inlen--;
       outlen -= 8;
       ++in;
     }
-- 
2.33.0