Unverified Commit 9306bc07 authored by Kenton Varda's avatar Kenton Varda Committed by GitHub

Merge pull request #577 from ecatmur/base64-invalid-read

Base64 decoder: invalid write/read
parents 215ef000 c10572fe
...@@ -268,12 +268,24 @@ KJ_TEST("C escape encoding/decoding") { ...@@ -268,12 +268,24 @@ KJ_TEST("C escape encoding/decoding") {
} }
KJ_TEST("base64 encoding/decoding") { KJ_TEST("base64 encoding/decoding") {
{
auto encoded = encodeBase64(StringPtr("").asBytes(), false);
KJ_EXPECT(encoded == "", encoded, encoded.size());
KJ_EXPECT(heapString(decodeBase64(encoded.asArray()).asChars()) == "");
}
{ {
auto encoded = encodeBase64(StringPtr("foo").asBytes(), false); auto encoded = encodeBase64(StringPtr("foo").asBytes(), false);
KJ_EXPECT(encoded == "Zm9v", encoded, encoded.size()); KJ_EXPECT(encoded == "Zm9v", encoded, encoded.size());
KJ_EXPECT(heapString(decodeBase64(encoded.asArray()).asChars()) == "foo"); KJ_EXPECT(heapString(decodeBase64(encoded.asArray()).asChars()) == "foo");
} }
{
auto encoded = encodeBase64(StringPtr("quux").asBytes(), false);
KJ_EXPECT(encoded == "cXV1eA==", encoded, encoded.size());
KJ_EXPECT(heapString(decodeBase64(encoded.asArray()).asChars()) == "quux");
}
{ {
auto encoded = encodeBase64(StringPtr("corge").asBytes(), false); auto encoded = encodeBase64(StringPtr("corge").asBytes(), false);
KJ_EXPECT(encoded == "Y29yZ2U=", encoded); KJ_EXPECT(encoded == "Y29yZ2U=", encoded);
......
...@@ -687,7 +687,9 @@ int base64_decode_block(const char* code_in, const int length_in, ...@@ -687,7 +687,9 @@ int base64_decode_block(const char* code_in, const int length_in,
char* plainchar = plaintext_out; char* plainchar = plaintext_out;
char fragment; char fragment;
if (state_in->step != step_a) {
*plainchar = state_in->plainchar; *plainchar = state_in->plainchar;
}
switch (state_in->step) switch (state_in->step)
{ {
...@@ -697,7 +699,7 @@ int base64_decode_block(const char* code_in, const int length_in, ...@@ -697,7 +699,7 @@ int base64_decode_block(const char* code_in, const int length_in,
do { do {
if (codechar == code_in+length_in) { if (codechar == code_in+length_in) {
state_in->step = step_a; state_in->step = step_a;
state_in->plainchar = *plainchar; state_in->plainchar = '\0';
return plainchar - plaintext_out; return plainchar - plaintext_out;
} }
fragment = (char)base64_decode_value(*codechar++); fragment = (char)base64_decode_value(*codechar++);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment