From 81addbcb2e86f9f97866bec1b2a16a78dd91ec87 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Thu, 16 Mar 2017 18:38:13 +0000
Subject: [PATCH] [Fix] Fix out-of-bound access in base64 decode

---
 src/libcryptobox/base64/ref.c   | 2 +-
 src/libcryptobox/base64/sse42.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/libcryptobox/base64/ref.c b/src/libcryptobox/base64/ref.c
index 2d757fe23..797a91ce7 100644
--- a/src/libcryptobox/base64/ref.c
+++ b/src/libcryptobox/base64/ref.c
@@ -215,7 +215,7 @@ repeat:
 
 	if (!ret && inlen > 0) {
 		/* Skip to the next valid character in input */
-		while (base64_table_dec[*c] >= 254 && inlen > 0) {
+		while (inlen > 0 && base64_table_dec[*c] >= 254) {
 			c ++;
 			inlen --;
 		}
diff --git a/src/libcryptobox/base64/sse42.c b/src/libcryptobox/base64/sse42.c
index 12c6e3413..db585a637 100644
--- a/src/libcryptobox/base64/sse42.c
+++ b/src/libcryptobox/base64/sse42.c
@@ -244,7 +244,7 @@ repeat:
 
 	if (!ret && inlen > 0) {
 		/* Skip to the next valid character in input */
-		while (base64_table_dec[*c] >= 254 && inlen > 0) {
+		while (inlen > 0 && base64_table_dec[*c] >= 254) {
 			c ++;
 			inlen --;
 		}
-- 
2.39.5