View Issue Details

IDProjectCategoryView StatusLast Update
0034071FPCFCLpublic2018-08-02 23:06
ReporterwpAssigned ToMichael Van Canneyt 
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version3.0.4Product Build 
Target Version3.2.0Fixed in Version3.1.1 
Summary0034071: Base64 decoder crashing for malformed inputstring with length < 4
DescriptionAccording to the header of the unit base64, the decoder "handles apparently truncated input streams gracefully" in MIME mode.

This is not true if the input string is shorter than 4 characters --> EStreamError with message "Invalid stream operation" in file 'base64.pp' at line 417
Steps To ReproduceThe attached demo decodes four malformed base64 strings taken from the wikipedia article on base64 (https://en.wikipedia.org/wiki/Base64).

The first two input strings are longer than 4 base64 characters and they decode without a crash (although not correctly - they are truncated).

The last two input strings are shorter than 4 base64 characters and crash the demo with the above mentioned error message.

In this case the line 249 of function TBase64DecodingStream.GetSize in base64.pp,

  Result := (Result div 4) * 3; // number of valid 4 byte blocks times 3

calculates 0 bytes to process, and this crashes the "OutStream.CopyFrom(...)" (line 436 in function DecodeStringBase64) because the TBase64DecodingStream is not seekable.
Additional InformationAs a workaround the input string could be padded automatically to have complete groups of four base64 characters.
TagsNo tags attached.
Fixed in Revision39551
FPCOldBugId
FPCTarget
Attached Files

Activities

wp

2018-07-31 23:47

reporter  

decodestringbase64_crash.zip (1,193 bytes)

Michael Van Canneyt

2018-08-02 15:10

administrator   ~0109840

Fixed the bug by padding input, as suggested. Thanks !

wp

2018-08-02 23:06

reporter   ~0109847

Thanks.

Issue History

Date Modified Username Field Change
2018-07-31 23:47 wp New Issue
2018-07-31 23:47 wp File Added: decodestringbase64_crash.zip
2018-08-01 00:05 Michael Van Canneyt Assigned To => Michael Van Canneyt
2018-08-01 00:05 Michael Van Canneyt Status new => assigned
2018-08-02 15:10 Michael Van Canneyt Fixed in Revision => 39551
2018-08-02 15:10 Michael Van Canneyt Note Added: 0109840
2018-08-02 15:10 Michael Van Canneyt Status assigned => resolved
2018-08-02 15:10 Michael Van Canneyt Fixed in Version => 3.1.1
2018-08-02 15:10 Michael Van Canneyt Resolution open => fixed
2018-08-02 15:10 Michael Van Canneyt Target Version => 3.2.0
2018-08-02 23:06 wp Note Added: 0109847
2018-08-02 23:06 wp Status resolved => closed