iliaa Fri, 26 Nov 2010 20:59:13 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=305779
Log: Fixed bug #52327 (base64_decode() improper handling of leading padding in strict mode) Bug: http://bugs.php.net/52327 (Assigned) base64_decode() improper handling of leading padding. Changed paths: U php/php-src/branches/PHP_5_3/NEWS A php/php-src/branches/PHP_5_3/ext/standard/tests/url/bug52327.phpt U php/php-src/trunk/ext/standard/base64.c A php/php-src/trunk/ext/standard/tests/url/bug52327.phpt Modified: php/php-src/branches/PHP_5_3/NEWS =================================================================== --- php/php-src/branches/PHP_5_3/NEWS 2010-11-26 18:25:13 UTC (rev 305778) +++ php/php-src/branches/PHP_5_3/NEWS 2010-11-26 20:59:13 UTC (rev 305779) @@ -7,6 +7,8 @@ - Core: . Fixed extract() to do not overwrite $GLOBALS and $this when using EXTR_OVERWRITE. (jorto at redhat dot com) + . Fixed bug #52327 (base64_decode() improper handling of leading padding in + strict mode). (Ilia) . Fixed bug #53304 (quot_print_decode does not handle lower-case hex digits). (Ilia, daniel dot mueller at inexio dot net) . Fixed bug #47168 (printf of floating point variable prints maximum of 40 Added: php/php-src/branches/PHP_5_3/ext/standard/tests/url/bug52327.phpt =================================================================== --- php/php-src/branches/PHP_5_3/ext/standard/tests/url/bug52327.phpt (rev 0) +++ php/php-src/branches/PHP_5_3/ext/standard/tests/url/bug52327.phpt 2010-11-26 20:59:13 UTC (rev 305779) @@ -0,0 +1,12 @@ +--TEST-- +Bug #52327 (base64_decode() improper handling of leading padding) +--FILE-- +<?php +var_dump( + base64_decode('=VGhl=ICc9=JyBz=eW1i=b2xz=IGFy=ZW4n=dCBh=bGxv=d2Vk=IHdo=ZXJl=IGkg=cHV0=IHRo=ZW0g=by5P'), + base64_decode('=VGhl=ICc9=JyBz=eW1i=b2xz=IGFy=ZW4n=dCBh=bGxv=d2Vk=IHdo=ZXJl=IGkg=cHV0=IHRo=ZW0g=by5P', true) +); +?> +--EXPECT-- +string(51) "The '=' symbols aren't allowed where i put them o.O" +bool(false) Modified: php/php-src/trunk/ext/standard/base64.c =================================================================== --- php/php-src/trunk/ext/standard/base64.c 2010-11-26 18:25:13 UTC (rev 305778) +++ php/php-src/trunk/ext/standard/base64.c 2010-11-26 20:59:13 UTC (rev 305779) @@ -152,7 +152,7 @@ /* run through the whole string, converting as we go */ while ((ch = *current++) != '\0' && length-- > 0) { if (ch == base64_pad) { - if (*current != '=' && (i % 4) == 1) { + if (*current != '=' && ((i % 4) == 1 || (strict && length > 0))) { efree(result); return NULL; } Added: php/php-src/trunk/ext/standard/tests/url/bug52327.phpt =================================================================== --- php/php-src/trunk/ext/standard/tests/url/bug52327.phpt (rev 0) +++ php/php-src/trunk/ext/standard/tests/url/bug52327.phpt 2010-11-26 20:59:13 UTC (rev 305779) @@ -0,0 +1,12 @@ +--TEST-- +Bug #52327 (base64_decode() improper handling of leading padding) +--FILE-- +<?php +var_dump( + base64_decode('=VGhl=ICc9=JyBz=eW1i=b2xz=IGFy=ZW4n=dCBh=bGxv=d2Vk=IHdo=ZXJl=IGkg=cHV0=IHRo=ZW0g=by5P'), + base64_decode('=VGhl=ICc9=JyBz=eW1i=b2xz=IGFy=ZW4n=dCBh=bGxv=d2Vk=IHdo=ZXJl=IGkg=cHV0=IHRo=ZW0g=by5P', true) +); +?> +--EXPECT-- +string(51) "The '=' symbols aren't allowed where i put them o.O" +bool(false)
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php