ASan: dynamic-stack-buffer-overflow on unit test of access_control plugin #7489

@masaori335

The master branch has a build failure on Fedora & FreeBSD. It looks like 1ad4e81 triggered the crash in the unit test of the access_control plugin with ASan.

FAIL: experimental/access_control/test_access_control
=====================================================

=================================================================
==12661==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0x7ffc123c7f10 at pc 0x7fb620c2d2d5 bp 0x7ffc123c7e80 sp 0x7ffc123c7e70
READ of size 1 at 0x7ffc123c7f10 thread T0
    #0 0x7fb620c2d2d4 in ats_base64_decode(char const*, unsigned long, unsigned char*, unsigned long, unsigned long*) ../../../src/tscore/ink_base64.cc:139
    #1 0x65a8c8 in cryptoBase64Decode(char const*, unsigned long, char*, unsigned long) ../../plugins/experimental/access_control/utils.cc:353
    #2 0x65a8c8 in cryptoModifiedBase64Decode(char const*, unsigned long, char*, unsigned long) ../../plugins/experimental/access_control/utils.cc:430
    #3 0x64711a in ____C_A_T_C_H____T_E_S_T____16 ../../plugins/experimental/access_control/unit_tests/test_utils.cc:217
    #4 0x485102 in Catch::TestInvokerAsFunction::invoke() const ../../tests/include/catch.hpp:14036
    #5 0x485102 in Catch::TestCase::invoke() const ../../tests/include/catch.hpp:13929
    #6 0x485102 in Catch::RunContext::invokeActiveTestCase() ../../tests/include/catch.hpp:12791
    #7 0x4f9606 in Catch::RunContext::runCurrentTest(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&) ../../tests/include/catch.hpp:12764
    #8 0x542dcf in Catch::RunContext::runTest(Catch::TestCase const&) ../../tests/include/catch.hpp:12525
    #9 0x564107 in execute ../../tests/include/catch.hpp:13119
    #10 0x564107 in Catch::Session::runInternal() ../../tests/include/catch.hpp:13325
    #11 0x5663a1 in Catch::Session::run() ../../tests/include/catch.hpp:13281
    #12 0x45e7eb in int Catch::Session::run<char>(int, char const* const*) ../../tests/include/catch.hpp:13003
    #13 0x45e7eb in int Catch::Session::run<char>(int, char const* const*) ../../tests/include/catch.hpp:12998
    #14 0x45e7eb in main ../../tests/include/catch.hpp:17164
    #15 0x7fb620310081 in __libc_start_main (/lib64/libc.so.6+0x27081)
    #16 0x461ddd in _start (/var/jenkins/workspace/fedora_32-master/compiler/gcc/label/fedora_32/type/release/build/BUILDS/plugins/experimental/access_control/.libs/lt-test_access_control+0x461ddd)

Address 0x7ffc123c7f10 is located in stack of thread T0
SUMMARY: AddressSanitizer: dynamic-stack-buffer-overflow ../../../src/tscore/ink_base64.cc:139 in ats_base64_decode(char const*, unsigned long, unsigned char*, unsigned long, unsigned long*)
Shadow bytes around the buggy address:
  0x100002470f90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x100002470fa0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x100002470fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x100002470fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x100002470fd0: 00 00 00 00 00 00 00 00 00 00 00 00 ca ca ca ca
=>0x100002470fe0: 00 00[cb]cb cb cb cb cb 00 00 00 00 00 00 00 00
  0x100002470ff0: 00 00 f1 f1 f1 f1 00 f3 f3 f3 00 00 00 00 00 00
  0x100002471000: 00 00 00 00 ca ca ca ca 00 00 04 cb cb cb cb cb
  0x100002471010: 00 00 00 00 ca ca ca ca 00 00 04 cb cb cb cb cb
  0x100002471020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x100002471030: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 f1 f1 f8 f2
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==12661==ABORTING

https://ci.trafficserver.apache.org/view/10.x%20master/job/fedora_32-master/compiler=gcc,label=fedora_32,type=release/269/console

On FreeBSD, the unit test fails without ASan. The root cause might be the same.

FAIL: experimental/access_control/test_access_control
=====================================================


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
test_access_control is a Catch v2.11.0 host application.
Run with -? for options

-------------------------------------------------------------------------------
Base64: modified encode / decode with '+', '/' and various paddings
-------------------------------------------------------------------------------
../../plugins/experimental/access_control/unit_tests/test_utils.cc:198
...............................................................................

../../plugins/experimental/access_control/unit_tests/test_utils.cc:221: FAILED:
  CHECK( strlen(decoded[i]) == decodedMessageLen )
with expansion:
  12 == 13
with messages:
  i := 0
  decoded[i] := "ts>ts?ts!!!!"
  std::string(decodedMessage) := "ts>ts?ts!!!!�"

https://ci.trafficserver.apache.org/view/10.x%20master/job/freebsd_12-master/compiler=clang,label=freebsd_12,type=release/1622/console
