happyfish100 libfastcommon Stack-Based Buffer Overflow Vulnerability in Base64 Decode Function

Vulnerability

A heap-based buffer overflow vulnerability exists in happyfish100 libfastcommon versions through 1.0.84. The issue is located in the base64_decode function within src/base64.c. It arises from an incorrect length calculation for the destination buffer when the function processes maliciously crafted Base64 input that contains excessive padding or invalid characters. The miscalculation leads to an out-of-bounds write: a null byte is written beyond the allocated buffer, potentially overwriting adjacent memory on the heap.

Impact

Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to memory corruption and arbitrary code execution.

Reproduction

The vulnerability can be reproduced by compiling libfastcommon with Clang, with AddressSanitizer enabled to detect memory errors. After the library is built, a proof-of-concept (PoC) program is created and compiled against it. The PoC reads a crafted input file and passes its contents to the vulnerable base64_decode function, which triggers the buffer overflow. The input file can be generated or obtained from a public repository, such as the author's repository.

Remediation

Users are advised to update to the latest version of libfastcommon, where this vulnerability has been fixed.
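For reviewing other decoders for the same class of bug, the following is an added example, not libfastcommon's code and not taken from this advisory. It shows a Base64 decoder in C that checks the decoded size plus the terminating null byte against the destination capacity before writing, and rejects invalid characters and excess or misplaced padding. The names b64_val and b64_decode_checked and the sample input are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Map one Base64 character to its 6-bit value, or -1 if it is not valid. */
static int b64_val(unsigned char c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Hypothetical helper: decode src[0..src_len) into dst. dst_cap is the full
 * capacity of dst and must include room for the terminating null byte.
 * Returns the decoded length, or -1 on malformed input or too little space. */
long b64_decode_checked(const char *src, size_t src_len,
                        unsigned char *dst, size_t dst_cap)
{
    size_t pad = 0, out = 0, need, i;

    if (src_len % 4 != 0) return -1;                 /* whole 4-char groups only */
    while (pad < src_len && src[src_len - 1 - pad] == '=') pad++;
    if (pad > 2) return -1;                          /* excessive padding */
    need = src_len / 4 * 3 - pad;                    /* exact payload size */
    if (dst_cap == 0 || need > dst_cap - 1) return -1; /* payload + '\0' must fit */

    for (i = 0; i < src_len; i += 4) {
        unsigned int v = 0; int k, n = (i + 4 == src_len) ? 4 - (int)pad : 4;
        for (k = 0; k < n; k++) {
            int d = b64_val((unsigned char)src[i + k]);
            if (d < 0) return -1;                    /* invalid char or '=' mid-stream */
            v = (v << 6) | (unsigned int)d;
        }
        v <<= 6 * (4 - n);                           /* align a short final group */
        if (n >= 2) dst[out++] = (v >> 16) & 0xFF;
        if (n >= 3) dst[out++] = (v >> 8) & 0xFF;
        if (n == 4) dst[out++] = v & 0xFF;
    }
    dst[out] = '\0';                                 /* always inside dst_cap */
    return (long)out;
}

int main(void)
{
    unsigned char buf[4];                            /* constructed sample */
    printf("%ld\n", b64_decode_checked("TWFu", 4, buf, sizeof buf));
    return 0;
}
```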

Added: Feb 6, 2026, 12:19 PM
Updated: Feb 6, 2026, 3:23 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 4.2
remediation: 0.0
relevance: 2.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.