Author: rfm
Date: Mon Jun 8 09:14:38 2015
New Revision: 38602
URL: http://svn.gna.org/viewcvs/gnustep?rev=38602&view=rev
Log:
stricter base64 decoding
Modified:
libs/base/trunk/ChangeLog
libs/base/trunk/Source/NSData.m
Modified: libs/base/trunk/ChangeLog
URL:
http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/ChangeLog?rev=38602&r1=38601&r2=38602&view=diff
==============================================================================
--- libs/base/trunk/ChangeLog (original)
+++ libs/base/trunk/ChangeLog Mon Jun 8 09:14:38 2015
@@ -1,3 +1,8 @@
+2015-06-08 Richard Frith-Macdonald <[email protected]>
+
+ * Source/NSData.m: be strict about '=' padding only occurring at end
+ of base64 encoded data.
+
2015-06-04 Richard Frith-Macdonald <[email protected]>
* Source/NSArray.m: Use NSUInteger rather than unsigned, use memory
Modified: libs/base/trunk/Source/NSData.m
URL:
http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/Source/NSData.m?rev=38602&r1=38601&r2=38602&view=diff
==============================================================================
--- libs/base/trunk/Source/NSData.m (original)
+++ libs/base/trunk/Source/NSData.m Mon Jun 8 09:14:38 2015
@@ -598,7 +598,7 @@
result = (unsigned char*)malloc(declen);
dst = result;
- while ((src != end) && *src != '\0')
+ while (src != end)
{
int c = *src++;
@@ -624,6 +624,17 @@
}
else if (c == '=')
{
+ /* Only legal as padding at end of string */
+ while (src != end)
+ {
+ c = *src++;
+ if (c != '=')
+ {
+ free(result);
+ DESTROY(self);
+ return nil;
+ }
+ }
c = -1;
}
else if (options & NSDataBase64DecodingIgnoreUnknownCharacters)
_______________________________________________
Gnustep-cvs mailing list
[email protected]
https://mail.gna.org/listinfo/gnustep-cvs
