Merge pull request #16 from rzuckerm/base64-decode-errors

Add error checking to Base64 decode

Author: ghaberek

include/std/base64.e

@@ -21,9 +21,25 @@ constant aleph = {
 	'0','1','2','3','4','5','6','7','8','9','+','/'
 }
 
---#
---# - see also ccha in which inverted decode table is built.
---#
+--# Base64 decode table (-1 is invalid character)
+constant ccha = {
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, 52,
+    53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, -1,
+     0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15,
+    16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, -1,
+    26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41,
+    42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
+    -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
+}
 --# Pad character is '=' (61)
 --#
 --# encoded output of encode is mo more that 76 characters each.
@@ -154,16 +170,16 @@ end function
 --	 # ##in## ~-- must be a simple sequence of length ##4## to ##76## .
 --
 -- Returns:
--- A **sequence**, base256 decode of passed sequence.
--- the length of data to decode must be a multiple of ##4## .
+-- A **sequence**, base256 decode of passed sequence if the length of
+-- the data to decode is a multiple of ##4## and a valid Base64 code.
+-- Otherwise, -1 is returned.
 --
 -- Comments:
 -- The calling program is expected to strip newlines and so on before calling.
 --
 public function decode(sequence in) 
-	integer len, oidx, case3, tmp
+	integer len, oidx, case3, tmp, index
 	sequence result
-	sequence ccha
 
 	-- TODO: Surely this is not the most efficient way of doing this
 	in = search:match_replace("\r\n", in, "")
@@ -172,23 +188,21 @@ public function decode(sequence in)
 	if remainder(len, 4) != 0 then
 		return -1
 	end if
-	
+
 	oidx = (len / 4) * 3
 	case3 = 3
-	
-	while in[len] = '=' do	--# should only happen 0 1 or 2 times
+
+	tmp = len
+	while len > 0 and in[len] = '=' do	--# should only happen 0 1 or 2 times
 		oidx -= 1
 		case3 = nc3[case3]
 		len -= 1
 	end while
 
-	--#
-	--# invert aleph to a decode table
-	--#
-	ccha = repeat(0, 256)
-	for i = 1 to 64 do
-		ccha[aleph[i]] = i - 1
-	end for	
+	if tmp - len > 2	--# too many pad characters
+	then
+		return -1
+	end if
 
 	result = repeat('?', oidx)
 	for i = oidx to 1 by -1 do
@@ -201,7 +215,19 @@ public function decode(sequence in)
 		--# dmul = {4,16,64}
 		--# ddiv = {16,4,1}
 		--#
-		tmp = remainder(ccha[in[len - 1]], drem[case3]) * dmul[case3]
+		index = ccha[in[len - 1]]
+		if index < 0	--# Invalid character
+		then
+			return -1
+		end if
+
+		tmp = remainder(index, drem[case3]) * dmul[case3]
+		index = ccha[in[len]]
+		if index < 0	--# Invalid character
+		then
+			return -1
+		end if
+
 		tmp += floor(ccha[in[len]] / ddiv[case3])
 		result[i] = tmp
 		len -= ldrop[case3]

tests/t_base64.e

@@ -3,22 +3,88 @@ include std/unittest.e
 include std/base64.e
 
 sequence result, this
+object bad_result
 
 result = encode("a")
+test_equal("1 char encode", result, "YQ==")
 result = decode(result)
-test_equal("1 char conversion", result, "a")
+test_equal("1 char decode", result, "a")
 
 result = encode("12")
+test_equal("2 char encode", result, "MTI=")
 result = decode(result)
-test_equal("2 char conversion", result, "12")
+test_equal("2 char decode", result, "12")
 
 result = encode("XYZ")
+test_equal("3 char encode", result, "WFla")
 result = decode(result)
-test_equal("3 char conversion", result, "XYZ")
+test_equal("3 char decode", result, "XYZ")
+
+constant encode_table = {
+    "AQ==", --# 1
+    "AgI=", --# 2
+    "AwMD", --# 3
+    "BAQEBA==", --# 4
+    "BQUFBQU=", --# 5
+    "BgYGBgYG", --# 6
+    "BwcHBwcHBw==", --# 7
+    "CAgICAgICAg=", --# 8
+    "CQkJCQkJCQkJ", --# 9
+    "CgoKCgoKCgoKCg==", --# 10
+    "CwsLCwsLCwsLCws=", --# 11
+    "DAwMDAwMDAwMDAwM", --# 12
+    "DQ0NDQ0NDQ0NDQ0NDQ==", --# 13
+    "Dg4ODg4ODg4ODg4ODg4=", --# 14
+    "Dw8PDw8PDw8PDw8PDw8P", --# 15
+    "EBAQEBAQEBAQEBAQEBAQEA==", --# 16
+    "ERERERERERERERERERERERE=", --# 17
+    "EhISEhISEhISEhISEhISEhIS", --# 18
+    "ExMTExMTExMTExMTExMTExMTEw==", --# 19
+    "FBQUFBQUFBQUFBQUFBQUFBQUFBQ=", --# 20
+    "FRUVFRUVFRUVFRUVFRUVFRUVFRUV", --# 21
+    "FhYWFhYWFhYWFhYWFhYWFhYWFhYWFg==", --# 22
+    "FxcXFxcXFxcXFxcXFxcXFxcXFxcXFxc=", --# 23
+    "GBgYGBgYGBgYGBgYGBgYGBgYGBgYGBgY", --# 24
+    "GRkZGRkZGRkZGRkZGRkZGRkZGRkZGRkZGQ==", --# 25
+    "GhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGho=", --# 26
+    "GxsbGxsbGxsbGxsbGxsbGxsbGxsbGxsbGxsb", --# 27
+    "HBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHBwcHA==", --# 28
+    "HR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0dHR0=", --# 29
+    "Hh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4e", --# 30
+    "Hx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHx8fHw==", --# 31
+    "ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICA=", --# 32
+    "ISEhISEhISEhISEhISEhISEhISEhISEhISEhISEhISEh", --# 33
+    "IiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiIg==", --# 34
+    "IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyM=", --# 35
+    "JCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQk", --# 36
+    "JSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJSUlJQ==", --# 37
+    "JiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiY=", --# 38
+    "JycnJycnJycnJycnJycnJycnJycnJycnJycnJycnJycnJycnJycn", --# 39
+    "KCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKA==", --# 40
+    "KSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSkpKSk=", --# 41
+    "KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioq", --# 42
+    "KysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKysrKw==", --# 43
+    "LCwsLCwsLCwsLCwsLCwsLCwsLCwsLCwsLCwsLCwsLCwsLCwsLCwsLCwsLCw=", --# 44
+    "LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t", --# 45
+    "Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLg==", --# 46
+    "Ly8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8=", --# 47
+    "MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw", --# 48
+    "MTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMQ==", --# 49
+    "MjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjI=", --# 50
+    "MzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMzMz", --# 51
+    "NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NDQ0NA==", --# 52
+    "NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU1NTU=", --# 53
+    "NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2", --# 54
+    "Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nw==", --# 55
+    "ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg4ODg=", --# 56
+    "OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5OTk5"  --# 57
+}
 
 for i = 1 to 57 do
     this = repeat(i,i)
-    result = decode(encode(this))
+    result = encode(this)
+    test_equal(sprintf("%d byte encode", { i }), result, encode_table[i])
+    result = decode(result)
     test_equal(sprintf("%d byte conversion", { i }), result, this)
 end for
 
@@ -44,5 +110,14 @@ encoded =
 test_equal("Thomas Hobbes' Leviathan encode", encoded, encode(msg, 76))
 test_equal("Thomas Hobbes' Leviathan decode", msg, decode(encoded))
 
+bad_result = decode("aA=")
+test_equal("Length not a multiple of 4", bad_result, -1)
+
+bad_result = decode("a===")
+test_equal("Too many pad characters", bad_result, -1)
+
+bad_result = decode("YX!q")
+test_equal("Invalid base64 character", bad_result, -1)
+
 test_report()