* Brought over yet another new version of the MIME parser from Citadel

[citadel.git] / webcit / cookie_conversion.c

diff --git a/webcit/cookie_conversion.c b/webcit/cookie_conversion.c
index 83ae6ad8dbc25960099ad004daf972c07d231b71..d0bec8b521ef4a10bbc0f603276625536d3b02c2 100644 (file)
--- a/webcit/cookie_conversion.c
+++ b/webcit/cookie_conversion.c
@@ -90,10 +90,13 @@ void encode_base64(char *dest, char *source)
 }
 
 
-
-int decode_base64(char *dest, char *source)
+/* 
+ * Convert base64-encoded to binary.  Returns the length of the decoded data.
+ * It will stop after reading 'length' bytes.
+ */
+int decode_base64(char *dest, char *source, size_t length)
 {
-    int i;
+    int i, c;
     int dpos = 0;
     int spos = 0;
 
@@ -118,7 +121,10 @@ int decode_base64(char *dest, char *source)
        byte a[4], b[4], o[3];
 
        for (i = 0; i < 4; i++) {
-           int c = source[spos++];
+           if (spos >= length) {
+               return(dpos);
+           }
+           c = source[spos++];
 
            if (c == 0) {
                if (i > 0) {
@@ -150,8 +156,6 @@ int decode_base64(char *dest, char *source)
 
 
 
-
-
 /*
  * Pack all session info into one easy-to-digest cookie.  Healthy and delicious!
  */
@@ -171,7 +175,7 @@ void cookie_to_stuff(char *cookie, int *session, char *user, char *pass, char *r
 {
        char buf[SIZ];
 
-       decode_base64(buf, cookie);
+       decode_base64(buf, cookie, strlen(cookie));
 
        if (session != NULL)
                *session = extract_int(buf, 0);