check identity buffer size

AddressBook.cpp

@@ -188,7 +188,8 @@ namespace client
 		}	
 		// if not .b32 we assume full base64 address
 		i2p::data::IdentityEx dest;
-		dest.FromBase64 (address); 
+		if (!dest.FromBase64 (address))
+			return false;
 		ident = dest.GetIdentHash ();
 		return true;
 	}

Identity.cpp

@@ -157,14 +157,27 @@ namespace data
 		
 	size_t IdentityEx::FromBuffer (const uint8_t * buf, size_t len)
 	{
+		if (len < DEFAULT_IDENTITY_SIZE)
+		{
+			LogPrint (eLogError, "Identity buffer length ", len, " is too small");
+			return 0;
+		}	
 		memcpy (&m_StandardIdentity, buf, DEFAULT_IDENTITY_SIZE);
 
 		delete[] m_ExtendedBuffer;
 		if (m_StandardIdentity.certificate.length)
 		{
 			m_ExtendedLen = be16toh (m_StandardIdentity.certificate.length);
-			m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
-			memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
+			if (m_ExtendedLen + DEFAULT_IDENTITY_SIZE <= len)
+			{	
+				m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
+				memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
+			}	
+			else
+			{
+				LogPrint (eLogError, "Certificate length ", m_ExtendedLen, " exceeds buffer length ", len - DEFAULT_IDENTITY_SIZE);
+				return 0;
+			}	
 		}		
 		else
 		{

base64.cpp

@@ -79,7 +79,7 @@ namespace data
 		     outCount = 4*n;
 		else
 		     outCount = 4*(n+1);
-		if (outCount > len) return -1;
+		if (outCount > len) return 0;
 		pd = (unsigned char *)OutBuffer;
 		for ( i = 0; i<n; i++ ){
 		     acc_1 = *ps++;
@@ -158,7 +158,7 @@ namespace data
 		     outCount = 3*n;
 		else {
 		     outCount = 0;
-		     return -1;
+		     return 0;
 		}
 		
 		ps = (unsigned char *)(InBuffer + InCount - 1);