DO NOT REPLY [Bug 3584] New: base64 function does not pad output correctly

samba-bugs at samba-bugs at
Mon Mar 6 11:19:13 GMT 2006

           Summary: base64 function does not pad output correctly
           Product: rsync
           Version: 2.6.6
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P3
         Component: core
        AssignedTo: wayned at
        ReportedBy: mathijs at
         QAContact: rsync-qa at

The base64 function in authenticate.c does not correcly pad the output data.
This can easily be seen by having it encode N bytes of data, where N is -not- a
multiple of 3. For instance:

base64("123")  == "MTIz"   (correct value: "MTIz")
base64("1234") == "MTIzNA" (correct value: "MTIzNA==")

Because of this bug, HTTP Basic authentication may not work correctly,
depending on the length of the username and password.

The patch below fixes this problem.


--- rsync-2.6.6/authenticate.c-orig     2006-03-06 11:10:23.000000000 +0100
+++ rsync-2.6.6/authenticate.c  2006-03-06 11:10:54.000000000 +0100
@@ -49,6 +49,9 @@
                out[i] = b64[idx];
+       while ((i % 4) > 0)
+               out[i++] = '=';

 /* Generate a challenge buffer and return it base64-encoded. */

Configure bugmail:
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

More information about the rsync mailing list