lishuxu commented on code in PR #600:
URL: https://github.com/apache/iceberg-cpp/pull/600#discussion_r2979753229
##########
src/iceberg/util/transform_util.cc:
##########
@@ -283,4 +283,40 @@ std::string TransformUtil::Base64Encode(std::string_view
str_to_encode) {
return encoded;
}
+Result<std::string> TransformUtil::Base64UrlDecode(std::string_view
str_to_decode) {
+ std::string decoded;
+ decoded.reserve(str_to_decode.size() * 3 / 4);
+
+ uint32_t val = 0;
+ int32_t bits = 0;
+ for (char c : str_to_decode) {
+ if (c == '=') break;
+ int8_t v = -1;
+ if (c >= 'A' && c <= 'Z')
+ v = static_cast<int8_t>(c - 'A');
+ else if (c >= 'a' && c <= 'z')
+ v = static_cast<int8_t>(c - 'a' + 26);
+ else if (c >= '0' && c <= '9')
+ v = static_cast<int8_t>(c - '0' + 52);
+ else if (c == '-' || c == '+')
+ v = 62;
+ else if (c == '_' || c == '/')
+ v = 63;
Review Comment:
`Base64UrlDecode` accepts `+` and `/` which are standard Base64 characters,
not Base64Url. This means inputs that should be rejected are silently accepted,
which contradicts the function name and the error message.
Base64Url spec only uses `-` (62) and `_` (63). `+` and `/` should fall
through to the invalid character check.
Suggested fix:
else if (c == '-')
v = 62;
else if (c == '_')
v = 63;
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
