highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-11-11 06:28:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Reject incorrect base64 in HTTP auth

Browse Source 
In addition, to make sure that no call site ignores the invalid
decoding status, make the pf_invalid argument mandatory.
This commit is contained in:
Pieter Wuille
2022-04-08 23:17:01 -04:00
committed by MacroFake
parent d648b5120b
commit a4377a0843
5 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/util/strencodings.cpp
View File

@@ -167,7 +167,7 @@ std::vector<unsigned char> DecodeBase64(const char* p, bool* pf_invalid)
++p;
}
valid = valid && (p - e) % 4 == 0 && p - q < 4;
if (pf_invalid) *pf_invalid = !valid;
*pf_invalid = !valid;
return ret;
}
@@ -175,9 +175,7 @@ std::vector<unsigned char> DecodeBase64(const char* p, bool* pf_invalid)
std::string DecodeBase64(const std::string& str, bool* pf_invalid)
{
if (!ValidAsCString(str)) {
if (pf_invalid) {
*pf_invalid = true;
}
*pf_invalid = true;
return {};
}
std::vector<unsigned char> vchRet = DecodeBase64(str.c_str(), pf_invalid);
@@ -245,7 +243,7 @@ std::vector<unsigned char> DecodeBase32(const char* p, bool* pf_invalid)
++p;
}
valid = valid && (p - e) % 8 == 0 && p - q < 8;
if (pf_invalid) *pf_invalid = !valid;
*pf_invalid = !valid;
return ret;
}
@@ -253,9 +251,7 @@ std::vector<unsigned char> DecodeBase32(const char* p, bool* pf_invalid)
std::string DecodeBase32(const std::string& str, bool* pf_invalid)
{
if (!ValidAsCString(str)) {
if (pf_invalid) {
*pf_invalid = true;
}
*pf_invalid = true;
return {};
}
std::vector<unsigned char> vchRet = DecodeBase32(str.c_str(), pf_invalid);