View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0034071 | FPC | FCL | public | 2018-07-31 23:47 | 2018-08-02 23:06 |
Reporter | wp | Assigned To | Michael Van Canneyt | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 3.0.4 | Product Build | |||
Target Version | 3.2.0 | Fixed in Version | 3.1.1 | ||
Summary | 0034071: Base64 decoder crashing for malformed inputstring with length < 4 | ||||
Description | According to the header of the unit base64, the decoder "handles apparently truncated input streams gracefully" in MIME mode. This is not true if the input string is shorter than 4 characters --> EStreamError with message "Invalid stream operation" in file 'base64.pp' at line 417 | ||||
Steps To Reproduce | The attached demo decodes four malformed base64 strings taken from the wikipedia article on base64 (https://en.wikipedia.org/wiki/Base64). The first two input strings are longer than 4 base64 characters and they decode without a crash (although not correctly - they are truncated). The last two input strings are shorter than 4 base64 characters and crash the demo with the above mentioned error message. In this case the line 249 of function TBase64DecodingStream.GetSize in base64.pp, Result := (Result div 4) * 3; // number of valid 4 byte blocks times 3 calculates 0 bytes to process, and this crashes the "OutStream.CopyFrom(...)" (line 436 in function DecodeStringBase64) because the TBase64DecodingStream is not seekable. | ||||
Additional Information | As a workaround the input string could be padded automatically to have complete groups of four base64 characters. | ||||
Tags | No tags attached. | ||||
Fixed in Revision | 39551 | ||||
FPCOldBugId | |||||
FPCTarget | |||||
Attached Files |
|
|
decodestringbase64_crash.zip (1,193 bytes) |
|
Fixed the bug by padding input, as suggested. Thanks ! |
|
Thanks. |
Date Modified | Username | Field | Change |
---|---|---|---|
2018-07-31 23:47 | wp | New Issue | |
2018-07-31 23:47 | wp | File Added: decodestringbase64_crash.zip | |
2018-08-01 00:05 | Michael Van Canneyt | Assigned To | => Michael Van Canneyt |
2018-08-01 00:05 | Michael Van Canneyt | Status | new => assigned |
2018-08-02 15:10 | Michael Van Canneyt | Fixed in Revision | => 39551 |
2018-08-02 15:10 | Michael Van Canneyt | Note Added: 0109840 | |
2018-08-02 15:10 | Michael Van Canneyt | Status | assigned => resolved |
2018-08-02 15:10 | Michael Van Canneyt | Fixed in Version | => 3.1.1 |
2018-08-02 15:10 | Michael Van Canneyt | Resolution | open => fixed |
2018-08-02 15:10 | Michael Van Canneyt | Target Version | => 3.2.0 |
2018-08-02 23:06 | wp | Note Added: 0109847 | |
2018-08-02 23:06 | wp | Status | resolved => closed |