Skip to content

common: improve error handling in macaron::Base64::Decode()#15590

Merged
caolanm merged 1 commit intomainfrom
private/vmiklos/main
Apr 20, 2026
Merged

common: improve error handling in macaron::Base64::Decode()#15590
caolanm merged 1 commit intomainfrom
private/vmiklos/main

Conversation

@vmiklos
Copy link
Copy Markdown
Contributor

@vmiklos vmiklos commented Apr 20, 2026

Fixes:
common/base64.hpp:112:48: runtime error: index -97 out of bounds for type 'const unsigned char[256]'
#0 0x55de1393893f in macaron::Base64::Decode(std::basic_string_view<char, std::char_traits>, std::__cxx11::basic_string<char, std::char_traits, std::allocator>&) /home/vmiklos/git/collaboraonline/online-fuzz/./common/base64.hpp:112:48
#1 0x55de14576d2b in Util::base64Decode(std::__cxx11::basic_string<char, std::char_traits, std::allocator> const&) /home/vmiklos/git/collaboraonline/online-fuzz/common/Util.cpp:737:9
#2 0x55de13b4104a in JWTAuth::verify(std::__cxx11::basic_string<char, std::char_traits, std::allocator> const&) /home/vmiklos/git/collaboraonline/online-fuzz/wsd/Auth.cpp:131:44
#3 0x55de13941782 in AdminSocketHandler::handleMessage(std::vector<char, std::allocator> const&) /home/vmiklos/git/collaboraonline/online-fuzz/wsd/Admin.cpp:96:34
#4 0x55de14685b71 in LLVMFuzzerTestOneInput /home/vmiklos/git/collaboraonline/online-fuzz/fuzzer/Admin.cpp:39:18
#5 0x55de1382e782 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /home/abuild/rpmbuild/BUILD/llvm19-19.1.7-build/llvm-19.1.7.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:614:13
#6 0x55de13815ea5 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /home/abuild/rpmbuild/BUILD/llvm19-19.1.7-build/llvm-19.1.7.src/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:328:6
#7 0x55de1381c1a8 in fuzzer::FuzzerDriver(int*, char***, int ()(unsigned char const, unsigned long)) /home/abuild/rpmbuild/BUILD/llvm19-19.1.7-build/llvm-19.1.7.src/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:863:9
#8 0x55de138492d3 in main /home/abuild/rpmbuild/BUILD/llvm19-19.1.7-build/llvm-19.1.7.src/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#9 0x7f46ca83033f in __libc_start_call_main (/lib64/libc.so.6+0x2a33f) (BuildId: 09f0d581f82df95136a7f988671000cd633b639d)
#10 0x7f46ca830408 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x2a408) (BuildId: 09f0d581f82df95136a7f988671000cd633b639d)
#11 0x55de13810404 in _start /home/abuild/rpmbuild/BUILD/glibc-2.40-build/glibc-2.40/csu/../sysdeps/x86_64/start.S:115

Signed-off-by: Miklos Vajna vmiklos@collabora.com
Change-Id: Id66ce47f77194fd11ba94000f488f2a257f335bc

@vmiklos
common: improve error handling in macaron::Base64::Decode()
6cae8f1 
Fixes:
	common/base64.hpp:112:48: runtime error: index -97 out of bounds for type 'const unsigned char[256]'
	    #0 0x55de1393893f in macaron::Base64::Decode(std::basic_string_view<char, std::char_traits<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>&) /home/vmiklos/git/collaboraonline/online-fuzz/./common/base64.hpp:112:48
	    #1 0x55de14576d2b in Util::base64Decode(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/vmiklos/git/collaboraonline/online-fuzz/common/Util.cpp:737:9
	    #2 0x55de13b4104a in JWTAuth::verify(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/vmiklos/git/collaboraonline/online-fuzz/wsd/Auth.cpp:131:44
	    #3 0x55de13941782 in AdminSocketHandler::handleMessage(std::vector<char, std::allocator<char>> const&) /home/vmiklos/git/collaboraonline/online-fuzz/wsd/Admin.cpp:96:34
	    #4 0x55de14685b71 in LLVMFuzzerTestOneInput /home/vmiklos/git/collaboraonline/online-fuzz/fuzzer/Admin.cpp:39:18
	    #5 0x55de1382e782 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /home/abuild/rpmbuild/BUILD/llvm19-19.1.7-build/llvm-19.1.7.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:614:13
	    #6 0x55de13815ea5 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /home/abuild/rpmbuild/BUILD/llvm19-19.1.7-build/llvm-19.1.7.src/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:328:6
	    #7 0x55de1381c1a8 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /home/abuild/rpmbuild/BUILD/llvm19-19.1.7-build/llvm-19.1.7.src/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:863:9
	    #8 0x55de138492d3 in main /home/abuild/rpmbuild/BUILD/llvm19-19.1.7-build/llvm-19.1.7.src/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
	    #9 0x7f46ca83033f in __libc_start_call_main (/lib64/libc.so.6+0x2a33f) (BuildId: 09f0d581f82df95136a7f988671000cd633b639d)
	    #10 0x7f46ca830408 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x2a408) (BuildId: 09f0d581f82df95136a7f988671000cd633b639d)
	    #11 0x55de13810404 in _start /home/abuild/rpmbuild/BUILD/glibc-2.40-build/glibc-2.40/csu/../sysdeps/x86_64/start.S:115

Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: Id66ce47f77194fd11ba94000f488f2a257f335bc
@vmiklos vmiklos requested a review from caolanm April 20, 2026 15:54
@vmiklos
Copy link
Copy Markdown
Contributor Author

vmiklos commented Apr 20, 2026

@caolanm could you review this, please? Thanks.

This is a "base64 decoder gets invalid input" case. The macos job failure looks unrelated and it's not a required check.

@caolanm caolanm merged commit 423980c into main Apr 20, 2026
15 of 16 checks passed
@caolanm caolanm deleted the private/vmiklos/main branch April 20, 2026 16:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@caolanm caolanm caolanm approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vmiklos @caolanm