Base64 decoder crashing for malformed inputstring with length < 4
Original Reporter info from Mantis: wp @wpam
-
Reporter name:
Original Reporter info from Mantis: wp @wpam
- Reporter name:
Description:
According to the header of the unit base64, the decoder "handles apparently truncated input streams gracefully" in MIME mode.
This is not true if the input string is shorter than 4 characters --> EStreamError with message "Invalid stream operation" in file 'base64.pp' at line 417
Steps to reproduce:
The attached demo decodes four malformed base64 strings taken from the wikipedia article on base64 (https://en.wikipedia.org/wiki/Base64).
The first two input strings are longer than 4 base64 characters and they decode without a crash (although not correctly - they are truncated).
The last two input strings are shorter than 4 base64 characters and crash the demo with the above mentioned error message.
In this case the line 249 of function TBase64DecodingStream.GetSize in base64.pp,
Result := (Result div 4) * 3; // number of valid 4 byte blocks times 3
calculates 0 bytes to process, and this crashes the "OutStream.CopyFrom(...)" (line 436 in function DecodeStringBase64) because the TBase64DecodingStream is not seekable.
Additional information:
As a workaround the input string could be padded automatically to have complete groups of four base64 characters.
Mantis conversion info:
- Mantis ID: 34071
- Version: 3.0.4
- Fixed in version: 3.1.1
- Fixed in revision: 39551 (#4700e982)
- Target version: 3.2.0