Re: Bug in std/base64.e
- Posted by rzuckerm 4 weeks ago
- 1684 views
The decode function does not do any error checking except for making sure that the length of the input is a multiple of 4. Here are some checks that I think is needs to have:
- Make sure that there are no more than 2 pad characters at the end
- Once pads are removed from the end, make sure that all characters are valid Base64
Also, the documentation does not mention that -1 is output if the input has any errors.
I'm not seeing how this is a bug? Not trying to be pedantic; just want to make sure you didn't leave out some unexpected behavior you're experiencing when using the library. I agree it needs improvement. Looking at the code I see several ways we could make this better.
Sorry, but I think this is a bug. The current library code will attempt to do a conversion on something that is not valid Base64. Here's a simplified example:
include std/base64.e sequence x = "YX!q" sequence y = base64:decode(x) printf(1, "'%s'\n", {y})
This produces 'ap*'. I don't think the code should be interpreting the ! character. Instead, it should be returning an error result (-1). Also, more than 2 pad characters at the end is not valid Base64. For an input string length modulo 3, the number of pad characters should be the following:
| Mod 3 Value | Pad Characters |
|---|---|
| 0 | 0 |
| 1 | 2 |
| 2 | 1 |
