fixed a bug in the base64 hanlding that led to auth failures for some

[samba.git] / source / web / cgi.c

diff --git a/source/web/cgi.c b/source/web/cgi.c
index 1a9d34d0047dc4497857bca8ef3f2c29c609ec45..ce1038231b173bf746c01ca473fda7f898780e9d 100644 (file)
--- a/source/web/cgi.c
+++ b/source/web/cgi.c
@@ -431,11 +431,11 @@ decode a base64 string in-place - simple and slow algorithm
 static void base64_decode(char *s)
 {
        char *b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-       int bit_offset, byte_offset, idx, i;
+       int bit_offset, byte_offset, idx, i, n;
        unsigned char *d = (unsigned char *)s;
        char *p;
 
-       i=0;
+       n=i=0;
 
        while (*s && (p=strchr(b64,*s))) {
                idx = (int)(p - b64);
@@ -444,13 +444,17 @@ static void base64_decode(char *s)
                d[byte_offset] &= ~((1<<(8-bit_offset))-1);
                if (bit_offset < 3) {
                        d[byte_offset] |= (idx << (2-bit_offset));
+                       n = byte_offset+1;
                } else {
                        d[byte_offset] |= (idx >> (bit_offset-2));
                        d[byte_offset+1] = 0;
                        d[byte_offset+1] |= (idx << (8-(bit_offset-2))) & 0xFF;
+                       n = byte_offset+2;
                }
                s++; i++;
        }
+       /* null terminate */
+       d[n] = 0;
 }
 
 
@@ -499,7 +503,7 @@ static void cgi_download(char *file)
 
        /* sanitise the filename */
        for (i=0;file[i];i++) {
-               if (!isalnum(file[i]) && !strchr("/.-_", file[i])) {
+               if (!isalnum((int)file[i]) && !strchr("/.-_", file[i])) {
                        cgi_setup_error("404 File Not Found","",
                                        "Illegal character in filename");
                }