Overview

File glib2-CVE-2026-1484.patch of Package glib2.42513

diff -urp glib-2.48.2.orig/glib/gbase64.c glib-2.48.2/glib/gbase64.c
--- glib-2.48.2.orig/glib/gbase64.c	2016-08-17 10:20:47.000000000 -0500
+++ glib-2.48.2/glib/gbase64.c	2026-01-27 16:55:59.004890963 -0600
@@ -255,8 +255,10 @@ g_base64_encode (const guchar *data,
                  gsize         len)
 {
   gchar *out;
-  gint state = 0, outlen;
+  gint state = 0;
   gint save = 0;
+  gsize outlen;
+  gsize allocsize;
 
   g_return_val_if_fail (data != NULL || len == 0, NULL);
 
@@ -266,10 +268,15 @@ g_base64_encode (const guchar *data,
     g_error("%s: input too large for Base64 encoding (%"G_GSIZE_FORMAT" chars)",
         G_STRLOC, len);
 
-  out = g_malloc ((len / 3 + 1) * 4 + 1);
+  allocsize = (len / 3 + 1) * 4 + 1;
+  out = g_malloc (allocsize);
 
   outlen = g_base64_encode_step (data, len, FALSE, out, &state, &save);
+  g_assert (outlen <= allocsize);
+
   outlen += g_base64_encode_close (FALSE, out + outlen, &state, &save);
+  g_assert (outlen <= allocsize);
+
   out[outlen] = '\0';
 
   return (gchar *) out;
openSUSE Build Service is sponsored by
Places