From 53df35eef3058781cbbf5940d23b8e8e0e67d23b Mon Sep 17 00:00:00 2001
From: Edward Hennis <ed@ripple.com>
Date: Wed, 21 Jul 2021 18:10:45 -0400
Subject: [PATCH] Address OOB read in the base58 decoder:

Under some circumstances, it is possible to induce an out-of-bounds
memory read in the base58 decoder.

This commit addresses this issue.

Acknowledgements:
    Guido Vranken for discovering and responsibly disclosing this issue.

Bug Bounties and Responsible Disclosures:
    We welcome reviews of the rippled code and urge researchers to
    responsibly disclose any issues they may find.

    Ripple is generously sponsoring a bug bounty program for the
    rippled project. For more information please visit:

        https://ripple.com/bug-bounty
---
 src/ripple/protocol/impl/tokens.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/ripple/protocol/impl/tokens.cpp b/src/ripple/protocol/impl/tokens.cpp
index ea08d636d9..816d49e40d 100644
--- a/src/ripple/protocol/impl/tokens.cpp
+++ b/src/ripple/protocol/impl/tokens.cpp
@@ -149,7 +149,7 @@ encodeBase58(
 static std::string
 decodeBase58(std::string const& s)
 {
-    auto psz = s.c_str();
+    auto psz = reinterpret_cast<unsigned char const*>(s.c_str());
     auto remain = s.size();
     // Skip and count leading zeroes
     int zeroes = 0;