From 5b42aa777136a10ee7895c94f0e10d9c1f1609d0 Mon Sep 17 00:00:00 2001
From: Tom Carroll <incentivedesign@gmail.com>
Date: Mon, 17 May 2021 23:58:23 -0700
Subject: [PATCH] Correct calculation of base64 encode buffer length.

In the previous formulation, it would first multiple then divide. It would then
promote to unsigned int. The formula would overflow for large len. For example,
needed = 2 when len == INT_MAX. In the revised formulation, it is promoted,
divided, then multiplied. The revised calculation avoids the overflow and
computes needed correctly over len in {0, 1, ..., INT_MAX}.  For len == INT_MAX,
needed is correctly computed as 2863311533.

Signed-off-by: Tom Carroll <incentivedesign@gmail.com>
---
 http-auth.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/http-auth.c b/http-auth.c
index 8c3270b7..d6e2c6b7 100644
--- a/http-auth.c
+++ b/http-auth.c
@@ -119,7 +119,7 @@ void buf_append_base64(struct oc_text_buf *buf, const void *bytes, int len,
 	if (!buf || buf->error)
 		return;
 
-	unsigned int needed = (4 * (len + 2) / 3) + 1;
+	unsigned int needed = ((len + 2u) / 3) * 4 + 1;
 	if (line_len)
 		needed += needed / line_len;
 
-- 
2.49.0