From 32609e6896f9079c175665a94005417cec7637eb Mon Sep 17 00:00:00 2001 From: Philippe Antoine Date: Mon, 17 Nov 2025 13:27:54 +0100 Subject: [PATCH] datasets: explicitly errors on too long string Also avoids stack allocation Ticket: 8110 (cherry picked from commit 0eff24213763c2aa2bb0957901d5dc1e18414dbf) --- src/datasets-string.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/datasets-string.c b/src/datasets-string.c index 0a8f499ae3..524a60ad9a 100644 --- a/src/datasets-string.c +++ b/src/datasets-string.c @@ -49,12 +49,13 @@ int StringAsBase64(const void *s, char *out, size_t out_size) const StringType *str = s; unsigned long len = Base64EncodeBufferSize(str->len); - uint8_t encoded_data[len]; - if (Base64Encode((unsigned char *)str->ptr, str->len, - encoded_data, &len) != SC_BASE64_OK) + if (len + 2 > out_size) { + // linefeed and final zero + return 0; + } + if (Base64Encode((unsigned char *)str->ptr, str->len, (uint8_t *)out, &len) != SC_BASE64_OK) return 0; - strlcpy(out, (const char *)encoded_data, out_size); strlcat(out, "\n", out_size); return strlen(out); }