/src/suricata7/libhtp/htp/htp_base64.c

Source
/***************************************************************************
 * Copyright (c) 2009-2010 Open Information Security Foundation
 * Copyright (c) 2010-2013 Qualys, Inc.
 * All rights reserved.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 * 
 * - Redistributions of source code must retain the above copyright
 *   notice, this list of conditions and the following disclaimer.

 * - Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in the
 *   documentation and/or other materials provided with the distribution.

 * - Neither the name of the Qualys, Inc. nor the names of its
 *   contributors may be used to endorse or promote products derived from
 *   this software without specific prior written permission.
 * 
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ***************************************************************************/

/**
 * @file
 * @author Ivan Ristic <ivanr@webkreator.com>
 */

/* Adapted from the libb64 project (http://sourceforge.net/projects/libb64), which is in public domain. */

#include "bstr.h"
#include "htp_base64.h"

/**
 * Decode single base64-encoded character.
 *
 * @param[in] value_in
 * @return decoded character
 */
int htp_base64_decode_single(signed char value_in) {
    static const signed char decoding[] = {62, -1, -1, -1, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61,
        -1, -1, -1, -2, -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17,
        18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34,
        35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51};
    static const signed char decoding_size = sizeof (decoding);

    value_in -= 43;

    if ((value_in < 0) || (value_in > decoding_size - 1)) return -1;

    return decoding[(int) value_in];
}

/**
 * Initialize base64 decoder.
 *
 * @param[in] decoder
 */
void htp_base64_decoder_init(htp_base64_decoder *decoder) {
    decoder->step = step_a;
    decoder->plainchar = 0;
}

/**
 * Feed the supplied memory range to the decoder.
 *
 * @param[in] decoder
 * @param[in] _code_in
 * @param[in] length_in
 * @param[in] _plaintext_out
 * @param[in] length_out
 * @return how many bytes were placed into plaintext output
 */
int htp_base64_decode(htp_base64_decoder *decoder, const void *_code_in, int length_in, void *_plaintext_out, int length_out) {
    const unsigned char *code_in = (const unsigned char *)_code_in;
    unsigned char *plaintext_out = (unsigned char *)_plaintext_out;
    const unsigned char *codechar = code_in;
    unsigned char *plainchar = plaintext_out;
    signed char fragment;

    if (length_out <= 0) return 0;

    *plainchar = decoder->plainchar;

    switch (decoder->step) {
            while (1) {
                case step_a:
                do {
                    if (codechar == code_in + length_in) {
                        decoder->step = step_a;
                        decoder->plainchar = *plainchar;
                        return (int) (plainchar - plaintext_out);
                    }
                    fragment = (char) htp_base64_decode_single(*codechar++);
                } while (fragment < 0);
                *plainchar = (unsigned char) ((fragment & 0x03f) << 2);
                /* fall through */

                case step_b:
                do {
                    if (codechar == code_in + length_in) {
                        decoder->step = step_b;
                        decoder->plainchar = *plainchar;
                        return (int) (plainchar - plaintext_out);
                    }
                    fragment = (char) htp_base64_decode_single(*codechar++);
                } while (fragment < 0);
                *plainchar++ |= (fragment & 0x030) >> 4;
                *plainchar = (unsigned char) ((fragment & 0x00f) << 4);
                if (--length_out == 0) {
                    return (int) (plainchar - plaintext_out);
                }
                /* fall through */

                case step_c:
                do {
                    if (codechar == code_in + length_in) {
                        decoder->step = step_c;
                        decoder->plainchar = *plainchar;
                        return (int) (plainchar - plaintext_out);
                    }
                    fragment = (char) htp_base64_decode_single(*codechar++);
                } while (fragment < 0);
                *plainchar++ |= (fragment & 0x03c) >> 2;
                *plainchar = (unsigned char) ((fragment & 0x003) << 6);
                if (--length_out == 0) {
                    return (int) (plainchar - plaintext_out);
                }
                /* fall through */

                case step_d:
                do {
                    if (codechar == code_in + length_in) {
                        decoder->step = step_d;
                        decoder->plainchar = *plainchar;
                        return (int) (plainchar - plaintext_out);
                    }
                    fragment = (char) htp_base64_decode_single(*codechar++);
                } while (fragment < 0);
                *plainchar++ |= (fragment & 0x03f);
                if (--length_out == 0) {
                    return (int) (plainchar - plaintext_out);
                }
                /* fall through */
            }
    }

    /* control should not reach here */
    return plainchar - plaintext_out;
}

/**
 * Base64-decode input, given as bstring.
 *
 * @param[in] input
 * @return new base64-decoded bstring
 */
bstr *htp_base64_decode_bstr(bstr *input) {
    return htp_base64_decode_mem(bstr_ptr(input), bstr_len(input));
}

/**
 * Base64-decode input, given as memory range.
 *
 * @param[in] data
 * @param[in] len
 * @return new base64-decoded bstring
 */
bstr *htp_base64_decode_mem(const void *data, size_t len) {
    htp_base64_decoder decoder;
    bstr *r = NULL;

    htp_base64_decoder_init(&decoder);

    unsigned char *tmpstr = malloc(len);
    if (tmpstr == NULL) return NULL;

    int resulting_len = htp_base64_decode(&decoder, data, (int) len, tmpstr, (int) len);
    if (resulting_len > 0) {
        r = bstr_dup_mem(tmpstr, resulting_len);
    }

    free(tmpstr);

    return r;
}

Line	Count	Source
1		/***************************************************************************
2		* Copyright (c) 2009-2010 Open Information Security Foundation
3		* Copyright (c) 2010-2013 Qualys, Inc.
4		* All rights reserved.
5		*
6		* Redistribution and use in source and binary forms, with or without
7		* modification, are permitted provided that the following conditions are
8		* met:
9		*
10		* - Redistributions of source code must retain the above copyright
11		* notice, this list of conditions and the following disclaimer.
12
13		* - Redistributions in binary form must reproduce the above copyright
14		* notice, this list of conditions and the following disclaimer in the
15		* documentation and/or other materials provided with the distribution.
16
17		* - Neither the name of the Qualys, Inc. nor the names of its
18		* contributors may be used to endorse or promote products derived from
19		* this software without specific prior written permission.
20		*
21		* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22		* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23		* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24		* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25		* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26		* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27		* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28		* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29		* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30		* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31		* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32		***************************************************************************/
33
34		/**
35		* @file
36		* @author Ivan Ristic <ivanr@webkreator.com>
37		*/
38
39		/* Adapted from the libb64 project (http://sourceforge.net/projects/libb64), which is in public domain. */
40
41		#include "bstr.h"
42		#include "htp_base64.h"
43
44		/**
45		* Decode single base64-encoded character.
46		*
47		* @param[in] value_in
48		* @return decoded character
49		*/
50	939k	int htp_base64_decode_single(signed char value_in) {
51	939k	static const signed char decoding[] = {62, -1, -1, -1, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61,
52	939k	-1, -1, -1, -2, -1, -1, -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17,
53	939k	18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, -1, 26, 27, 28, 29, 30, 31, 32, 33, 34,
54	939k	35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51};
55	939k	static const signed char decoding_size = sizeof (decoding);
56
57	939k	value_in -= 43;
58
59	939k	if ((value_in < 0) \|\| (value_in > decoding_size - 1)) return -1;
60
61	621k	return decoding[(int) value_in];
62	939k	}
63
64		/**
65		* Initialize base64 decoder.
66		*
67		* @param[in] decoder
68		*/
69	2.99k	void htp_base64_decoder_init(htp_base64_decoder *decoder) {
70	2.99k	decoder->step = step_a;
71	2.99k	decoder->plainchar = 0;
72	2.99k	}
73
74		/**
75		* Feed the supplied memory range to the decoder.
76		*
77		* @param[in] decoder
78		* @param[in] _code_in
79		* @param[in] length_in
80		* @param[in] _plaintext_out
81		* @param[in] length_out
82		* @return how many bytes were placed into plaintext output
83		*/
84	2.99k	int htp_base64_decode(htp_base64_decoder decoder, const void _code_in, int length_in, void *_plaintext_out, int length_out) {
85	2.99k	const unsigned char code_in = (const unsigned char )_code_in;
86	2.99k	unsigned char plaintext_out = (unsigned char )_plaintext_out;
87	2.99k	const unsigned char *codechar = code_in;
88	2.99k	unsigned char *plainchar = plaintext_out;
89	2.99k	signed char fragment;
90
91	2.99k	if (length_out <= 0) return 0;
92
93	2.99k	*plainchar = decoder->plainchar;
94
95	2.99k	switch (decoder->step) {
96	138k	while (1) {
97	141k	case step_a:
98	229k	do {
99	229k	if (codechar == code_in + length_in) {
100	727	decoder->step = step_a;
101	727	decoder->plainchar = *plainchar;
102	727	return (int) (plainchar - plaintext_out);
103	727	}
104	229k	fragment = (char) htp_base64_decode_single(*codechar++);
105	229k	} while (fragment < 0);
106	140k	*plainchar = (unsigned char) ((fragment & 0x03f) << 2);
107		/* fall through */
108
109	140k	case step_b:
110	248k	do {
111	248k	if (codechar == code_in + length_in) {
112	1.09k	decoder->step = step_b;
113	1.09k	decoder->plainchar = *plainchar;
114	1.09k	return (int) (plainchar - plaintext_out);
115	1.09k	}
116	247k	fragment = (char) htp_base64_decode_single(*codechar++);
117	247k	} while (fragment < 0);
118	139k	*plainchar++ \|= (fragment & 0x030) >> 4;
119	139k	*plainchar = (unsigned char) ((fragment & 0x00f) << 4);
120	139k	if (--length_out == 0) {
121	0	return (int) (plainchar - plaintext_out);
122	0	}
123		/* fall through */
124
125	139k	case step_c:
126	241k	do {
127	241k	if (codechar == code_in + length_in) {
128	905	decoder->step = step_c;
129	905	decoder->plainchar = *plainchar;
130	905	return (int) (plainchar - plaintext_out);
131	905	}
132	240k	fragment = (char) htp_base64_decode_single(*codechar++);
133	240k	} while (fragment < 0);
134	138k	*plainchar++ \|= (fragment & 0x03c) >> 2;
135	138k	*plainchar = (unsigned char) ((fragment & 0x003) << 6);
136	138k	if (--length_out == 0) {
137	0	return (int) (plainchar - plaintext_out);
138	0	}
139		/* fall through */
140
141	138k	case step_d:
142	222k	do {
143	222k	if (codechar == code_in + length_in) {
144	268	decoder->step = step_d;
145	268	decoder->plainchar = *plainchar;
146	268	return (int) (plainchar - plaintext_out);
147	268	}
148	221k	fragment = (char) htp_base64_decode_single(*codechar++);
149	221k	} while (fragment < 0);
150	138k	*plainchar++ \|= (fragment & 0x03f);
151	138k	if (--length_out == 0) {
152	0	return (int) (plainchar - plaintext_out);
153	0	}
154		/* fall through */
155	138k	}
156	2.99k	}
157
158		/* control should not reach here */
159	0	return plainchar - plaintext_out;
160	2.99k	}
161
162		/**
163		* Base64-decode input, given as bstring.
164		*
165		* @param[in] input
166		* @return new base64-decoded bstring
167		*/
168	0	bstr htp_base64_decode_bstr(bstr input) {
169	0	return htp_base64_decode_mem(bstr_ptr(input), bstr_len(input));
170	0	}
171
172		/**
173		* Base64-decode input, given as memory range.
174		*
175		* @param[in] data
176		* @param[in] len
177		* @return new base64-decoded bstring
178		*/
179	2.99k	bstr htp_base64_decode_mem(const void data, size_t len) {
180	2.99k	htp_base64_decoder decoder;
181	2.99k	bstr *r = NULL;
182
183	2.99k	htp_base64_decoder_init(&decoder);
184
185	2.99k	unsigned char *tmpstr = malloc(len);
186	2.99k	if (tmpstr == NULL) return NULL;
187
188	2.99k	int resulting_len = htp_base64_decode(&decoder, data, (int) len, tmpstr, (int) len);
189	2.99k	if (resulting_len > 0) {
190	2.99k	r = bstr_dup_mem(tmpstr, resulting_len);
191	2.99k	}
192
193	2.99k	free(tmpstr);
194
195	2.99k	return r;
196	2.99k	}

Coverage Report

Created: 2026-03-31 07:45