From fa56ac77de010b7823ddca2e22a8955fd9aefd44 Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@rspamd.com>
Date: Wed, 24 Apr 2024 14:47:17 +0100
Subject: [PATCH] [Fix] Do not read out-of-boundary when doing base64 encoding

---
 src/libutil/str_util.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/libutil/str_util.c b/src/libutil/str_util.c
index eda3331fa..f8fff0dca 100644
--- a/src/libutil/str_util.c
+++ b/src/libutil/str_util.c
@@ -353,7 +353,7 @@ unsigned int rspamd_gstring_icase_hash(gconstpointer key)
 #define ZEROMASK 0x7F7F7F7FU
 #endif
 
-#define HASZERO(x) ~(((((x) &ZEROMASK) + ZEROMASK) | (x)) | ZEROMASK)
+#define HASZERO(x) ~(((((x) & ZEROMASK) + ZEROMASK) | (x)) | ZEROMASK)
 
 gsize rspamd_strlcpy_fast(char *dst, const char *src, gsize siz)
 {
@@ -1303,7 +1303,7 @@ rspamd_encode_base64_common(const unsigned char *in, gsize inlen, int str_len,
 	o = out;
 	cols = 0;
 
-	while (inlen > 6) {
+	while (inlen >= sizeof(n)) {
 		memcpy(&n, in, sizeof(n));
 		n = GUINT64_TO_BE(n);
 
@@ -3502,7 +3502,7 @@ rspamd_str_regexp_escape(const char *pattern, gsize slen,
 					*d++ = '\\';
 					*d++ = 'x';
 					*d++ = hexdigests[((t >> 4) & 0xF)];
-					*d++ = hexdigests[((t) &0xF)];
+					*d++ = hexdigests[((t) & 0xF)];
 					continue; /* To avoid *d++ = t; */
 				}
 				else {
-- 
2.39.5