From fe0ec4a42d8ef0e2460f4f61b038fd823f128ab5 Mon Sep 17 00:00:00 2001
From: Peter Conrad <conrad@quisquis.de>
Date: Sun, 26 Jul 2015 17:27:12 +0200
Subject: [PATCH] Added FC_ASSERT to prevent buffer overflow

---
 src/crypto/base58.cpp         |  2 +-
 tests/crypto/base_n_tests.cpp | 11 +++++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/crypto/base58.cpp b/src/crypto/base58.cpp
index f7fc37e..e1d5d33 100644
--- a/src/crypto/base58.cpp
+++ b/src/crypto/base58.cpp
@@ -631,7 +631,7 @@ size_t from_base58( const std::string& base58_str, char* out_data, size_t out_da
   if( !DecodeBase58( base58_str.c_str(), out ) ) {
     FC_THROW_EXCEPTION( parse_error_exception, "Unable to decode base58 string ${base58_str}", ("base58_str",base58_str) );
   }
-  
+  FC_ASSERT( out.size() <= out_data_len );
   memcpy( out_data, out.data(), out.size() );
   return out.size();
 }
diff --git a/tests/crypto/base_n_tests.cpp b/tests/crypto/base_n_tests.cpp
index 3b4fdc3..b3e65ac 100644
--- a/tests/crypto/base_n_tests.cpp
+++ b/tests/crypto/base_n_tests.cpp
@@ -5,6 +5,7 @@
 #include <fc/crypto/base36.hpp>
 #include <fc/crypto/base58.hpp>
 #include <fc/crypto/base64.hpp>
+#include <fc/exception/exception.hpp>
 
 #include <iostream>
 
@@ -94,9 +95,15 @@ static void test_58( const std::string& test, const std::string& expected )
     BOOST_CHECK( !memcmp( vec.data(), dec.data(), vec.size() ) );
 
     char buffer[64];
-    size_t len = fc::from_base58( enc1, buffer, 16 );
-    BOOST_CHECK( len <= 16 );
+    size_t len = fc::from_base58( enc1, buffer, 64 );
+    BOOST_CHECK( len <= 64 );
     BOOST_CHECK( !memcmp( vec.data(), buffer, len ) );
+    if ( len > 10 ) {
+        try {
+            len = fc::from_base58( enc1, buffer, 10 );
+            BOOST_CHECK( len <= 10 );
+        } catch ( fc::exception expected ) {}
+    }
 
 }