From f701d702e4363a48688412c1e376437497f06111 Mon Sep 17 00:00:00 2001 From: Maksim Kostin Date: Mon, 13 Nov 2023 11:27:44 +0300 Subject: [PATCH] Fix buffer overflow in FBX::Util::DecodeBase64() --- code/AssetLib/FBX/FBXUtil.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/AssetLib/FBX/FBXUtil.cpp b/code/AssetLib/FBX/FBXUtil.cpp index ac465d6e9..e2903c536 100644 --- a/code/AssetLib/FBX/FBXUtil.cpp +++ b/code/AssetLib/FBX/FBXUtil.cpp @@ -155,7 +155,7 @@ size_t DecodeBase64(const char* in, size_t inLength, uint8_t* out, size_t maxOut const size_t realLength = inLength - size_t(in[inLength - 1] == '=') - size_t(in[inLength - 2] == '='); size_t dst_offset = 0; int val = 0, valb = -8; - for (size_t src_offset = 0; src_offset < realLength; ++src_offset) + for (size_t src_offset = 0; src_offset < realLength && dst_offset < maxOutLength; ++src_offset) { const uint8_t table_value = Util::DecodeBase64(in[src_offset]); if (table_value == 255)