Surely you guys meant to check that msglen-5 is greater than or equal
to four lest you receive a msg akin to "?OTR:===." ?

This is a pretty highly utilized code-path with direct hits from
pidgin's receive im signal. Cheers.


#include <stdlib.h>
#include <string.h>
#include "b64.h"   /* libotr: otrl_base64_decode() */

int otrl_base64_otr_decode(const char *msg, unsigned char **bufp,
        size_t *lenp)
{
    char *otrtag, *endtag;
    size_t msglen, rawlen;
    unsigned char *rawmsg;

    otrtag = strstr(msg, "?OTR:");
    if (!otrtag) {
        return -2;
    }
    endtag = strchr(otrtag, '.');
    if (endtag) {
        msglen = endtag-otrtag;   /* length of "?OTR:" plus the base64 payload */
    } else {
        return -2;
    }

    /* Base64-decode the message */
    /* No check that msglen-5 >= 4: for "?OTR:===." this is 3 and rawlen becomes 0 */
    rawlen = ((msglen-5) / 4) * 3;   /* maximum possible */
    rawmsg = malloc(rawlen);
    if (!rawmsg && rawlen > 0) {
        return -1;
    }
    /* The decoder is still handed all msglen-5 input characters, whatever rawlen is */
    rawlen = otrl_base64_decode(rawmsg, otrtag+5, msglen-5);  /* actual size */

    *bufp = rawmsg;
    *lenp = rawlen;

    return 0;
}
_______________________________________________
OTR-dev mailing list
[email protected]
http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
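The check the message asks for, written out as an added example that is not libotr's code: otr_decode_checked keeps the contract of otrl_base64_otr_decode but rejects a payload shorter than four base64 characters or not a multiple of four, and b64_decode_bounded (an assumed stand-in for otrl_base64_decode, since the library is not linked here) never writes past the capacity it is given, so the "maximum possible" size is a real bound. Both function names are this example's own.

```c
/* Added example (not libotr code): length check for "?OTR:<base64>." messages,
   with a bounded decoder standing in for otrl_base64_decode. */
#include <stdlib.h>
#include <string.h>
static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Decode inlen base64 chars into out (capacity cap). Returns the byte count,
   or (size_t)-1 if the input is malformed or would not fit in the buffer. */
static size_t b64_decode_bounded(unsigned char *out, size_t cap,
        const char *in, size_t inlen)
{
    size_t i, n = 0;
    if (inlen == 0 || inlen % 4 != 0) return (size_t)-1;     /* rejects "===" */
    for (i = 0; i < inlen; i += 4) {
        unsigned v[4] = {0, 0, 0, 0}, b;
        int k, pads = 0;
        for (k = 0; k < 4; k++) {
            const char *p = in[i + k] ? strchr(B64, in[i + k]) : NULL;
            if (in[i + k] == '=' && k >= 2) pads++;         /* '=' only as trailing pad */
            else if (!p || pads) return (size_t)-1;          /* bad char, or data after '=' */
            else v[k] = (unsigned)(p - B64);
        }
        if ((pads && i + 4 != inlen) || (size_t)(3 - pads) > cap - n)
            return (size_t)-1;                               /* pad mid-stream, or no room */
        b = v[0] << 18 | v[1] << 12 | v[2] << 6 | v[3];
        out[n++] = (unsigned char)(b >> 16);
        if (pads < 2) out[n++] = (unsigned char)(b >> 8);
        if (pads < 1) out[n++] = (unsigned char)b;
    }
    return n;
}

/* otrl_base64_otr_decode's contract plus the missing check: 0 ok, -2 malformed, -1 OOM. */
int otr_decode_checked(const char *msg, unsigned char **bufp, size_t *lenp)
{
    const char *otrtag = strstr(msg, "?OTR:"), *endtag;
    size_t b64len, cap, rawlen;
    unsigned char *rawmsg;
    if (!otrtag || !(endtag = strchr(otrtag, '.'))) return -2;
    b64len = (size_t)(endtag - otrtag) - 5;
    if (b64len < 4 || b64len % 4 != 0) return -2;   /* catches "?OTR:===." */
    cap = (b64len / 4) * 3;                         /* maximum possible, never 0 here */
    rawmsg = malloc(cap);
    if (!rawmsg) return -1;
    rawlen = b64_decode_bounded(rawmsg, cap, otrtag + 5, b64len);
    if (rawlen == (size_t)-1) { free(rawmsg); return -2; }
    *bufp = rawmsg; *lenp = rawlen;
    return 0;
}
```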