Hi, I remember I have reported this long time ago and I am surprised that fix is not in the CVS. The problem is not in [] operator, but order of execution (from left to right or from right to left) is not defined in C++ specification for | operator and it is left to compiler to decide should right side be executed before left side of | operator. This line should be broken into:
t = ((m_inputBuffer[i++] << 4) & 0x30); t |= (m_inputBuffer[i] >> 4); Best regards, Milan > -----Original Message----- > From: David Landwehr [mailto:[EMAIL PROTECTED] > Sent: Tuesday, March 08, 2005 10:34 PM > To: security-dev@xml.apache.org > Subject: Bug in XSCryptCryptoBase64.cpp > > > Hi, > > The XSCryptCryptoBase64 has a bug in the base 64 encoding > routine (encode). The problem is the following type of logic: > > t = ((m_inputBuffer[i++] << 4) & 0x30) | (m_inputBuffer[i] >> 4); > > Normally i will only be increment after the entire > expression, so it is identical to: > t = ((m_inputBuffer[i] << 4) & 0x30) | (m_inputBuffer[i] >> 4); > i++; > > However because Microsoft Visual C Compiler seems to have a > problem with overloaded [] operator, your code works as you > original expected when you compile in Debug mode. That is it > will increment i just before evaluating the r-value of the |. > In Release mode however the compiler will evaluate the > expression in the correct form: > t = ((m_inputBuffer[i] << 4) & 0x30) | (m_inputBuffer[i] >> 4); > > And this makes an incorrect base 64 encoding. > > To solve the problem you should write the code as: > t = ((m_inputBuffer[i] << 4) & 0x30) | (m_inputBuffer[i+1] >> 4); > i++; > > Best regards, > David > > PS for fun, this is a piece of code demonstrating the problem > in MVC (try compile it in Release and Debug mode and see the > difference in output): class test { > int* b; > public: > test() { > b = new int[2]; > b[0] = 0x0f; > b[1] = 0xf0; > } > > > int operator [](int i) { > return b[i]; > } > }; > > int _tmain(int argc, _TCHAR* argv[]) > { > test b; > int i=0; > //t = ((m_inputBuffer[i++] << 2) & 0x3C) | (m_inputBuffer[i] >> 6); > > int k = ((b[i++]<<4) & 0xff ) | (b[i] >> 4); > > printf("The correct value should be 0x0f=0x%x, i=%d\n", k, i); > > return 0; > } >
