From 8f94f947f575630200b6602eda64b1172ecae101 Mon Sep 17 00:00:00 2001
From: Gianluca Merlo <gianluca.merlo@gmail.com>
Date: Sat, 19 Mar 2016 02:32:51 +0100
Subject: func_aes: fix misuse of strlen on binary data

The encryption code for AES_ENCRYPT evaluates the length of the data to
be encoded in base64 using strlen. The data is binary, thus the length
of it can be underestimated at the first NULL character.
Reuse the write pointer offset to evaluate it, instead.

ASTERISK-25857 #close

Change-Id: If686b5d570473eb926693c73461177b35b13b186
---
 funcs/func_aes.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'funcs/func_aes.c')

diff --git a/funcs/func_aes.c b/funcs/func_aes.c
index 9347b6f8e..d80636f6d 100644
--- a/funcs/func_aes.c
+++ b/funcs/func_aes.c
@@ -146,7 +146,7 @@ static int aes_helper(struct ast_channel *chan, const char *cmd, char *data,
 	}
 
 	if (encrypt) {                            /* if encrypting encode result to base64 */
-		ast_base64encode(buf, (unsigned char *) tmp, strlen(tmp), len);
+		ast_base64encode(buf, (unsigned char *) tmp, tmpP - tmp, len);
 	} else {
 		memcpy(buf, tmp, len);
 	}
-- 
cgit v1.2.3