From 7d679cdbe584399ee547c52db92b475271a0a0f4 Mon Sep 17 00:00:00 2001
From: Disconnect3d
Date: Tue, 22 Dec 2020 13:27:01 +0100
Subject: [PATCH] Fix off-by-one in njs_string.c
TL;DR: The `base64url` string is of len 9 but we compared only its first 6 bytes. This was found with a "cstrnfinder" research and I haven't tested this change (more info https://twitter.com/disconnect3d_pl/status/1339757359896408065). Close this PR if this change is incorrect.
---
 src/njs_string.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/njs_string.c b/src/njs_string.c
index 68e198d62..f0159cdae 100644
--- a/src/njs_string.c
+++ b/src/njs_string.c
@@ -1753,7 +1753,7 @@ njs_string_bytes_from_string(njs_vm_t *vm, const njs_value_t *string,
 } else if (enc.length == 6 && memcmp(enc.start, "base64", 6) == 0) {
 return njs_string_decode_base64(vm, &vm->retval, &str);
- } else if (enc.length == 9 && memcmp(enc.start, "base64url", 6) == 0) {
+ } else if (enc.length == 9 && memcmp(enc.start, "base64url", 9) == 0) {
 return njs_string_decode_base64url(vm, &vm->retval, &str);
 }
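Review bot: The corrected `memcmp(enc.start, "base64url", 9)` still spells the literal's length by hand in two places, which is how the stray 6 got in; deriving both from the literal, `enc.length == sizeof("base64url") - 1 && memcmp(enc.start, "base64url", sizeof("base64url") - 1) == 0`, rules out that class of mistake, and the `"base64"` branch on the context line above would benefit from the same form. Because the description says the change was not tested, a regression test would pin the stricter match: pass a 9-byte encoding name that starts with `base64` but has a different suffix (constructed example: `base64xyz`) and expect it not to be decoded as base64url. How an unmatched encoding name is handled is decided after the closing `}`, which is outside this hunk; njs_string_bytes_from_string both starts and ends beyond the lines shown.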