From: "Alexander V. Tikhonov" <avtikhon@tarantool.org>
To: Sergey Nikiforov <void@tarantool.org>
Cc: tarantool-patches@dev.tarantool.org
Subject: Re: [Tarantool-patches] [PATCH v2] base64: Properly ignore invalid characters
Date: Wed, 30 Dec 2020 14:28:10 +0300 [thread overview]
Message-ID: <20201230112810.GA19419@hpalx> (raw)
In-Reply-To: <20201215142527.560937-1-void@tarantool.org>
Hi Sergey, thanks for the patch, as I see no new degradation found in
gitlab-ci testing commit criteria pipeline [1], patch LGTM.
[1] - https://gitlab.com/tarantool/tarantool/-/pipelines/230156990
On Tue, Dec 15, 2020 at 05:25:27PM +0300, Sergey Nikiforov via Tarantool-patches wrote:
> Not all invalid characters were ignored by base64 decoder
> causing data corruption and reads beyond decode table
> (faults under ASAN).
>
> Added corresponding check into base64 unit test.
>
> Fixes: #5627
> ---
>
> Branch: https://github.com/tarantool/tarantool/tree/void234/gh-5627-fix-base64-invalid-chars-processing
> Issue: https://github.com/tarantool/tarantool/issues/5627
>
> test/unit/base64.c | 23 ++++++++++++++++++++++-
> test/unit/base64.result | 5 ++++-
> third_party/base64.c | 3 ++-
> 3 files changed, 28 insertions(+), 3 deletions(-)
>
> diff --git a/test/unit/base64.c b/test/unit/base64.c
> index ada497adf..c0f53a5e1 100644
> --- a/test/unit/base64.c
> +++ b/test/unit/base64.c
> @@ -58,9 +58,28 @@ base64_nowrap_test(const char *str)
> base64_test(str, BASE64_NOWRAP, symbols, lengthof(symbols));
> }
>
> +static void
> +base64_invalid_chars_test(void)
> +{
> + /* Upper bit must be cleared */
> + const char invalid_data[] = { '\x7b', '\x7c', '\x7d', '\x7e' };
> + char outbuf[8];
> +
> + plan(1);
> +
> + /* Invalid chars should be ignored, not decoded into garbage */
> + is(base64_decode(invalid_data, sizeof(invalid_data),
> + outbuf, sizeof(outbuf)),
> + 0, "ignoring invalid chars");
> +
> + check_plan();
> +}
> +
> int main(int argc, char *argv[])
> {
> - plan(28);
> + plan(28
> + + 1 /* invalid chars test */
> + );
> header();
>
> const char *option_tests[] = {
> @@ -78,6 +97,8 @@ int main(int argc, char *argv[])
> base64_nowrap_test(option_tests[i]);
> }
>
> + base64_invalid_chars_test();
> +
> footer();
> return check_plan();
> }
> diff --git a/test/unit/base64.result b/test/unit/base64.result
> index cd1f2b3f6..3bc2c2275 100644
> --- a/test/unit/base64.result
> +++ b/test/unit/base64.result
> @@ -1,4 +1,4 @@
> -1..28
> +1..29
> *** main ***
> 1..3
> ok 1 - length
> @@ -175,4 +175,7 @@ ok 27 - subtests
> ok 3 - decode length ok
> ok 4 - encode/decode
> ok 28 - subtests
> + 1..1
> + ok 1 - ignoring invalid chars
> +ok 29 - subtests
> *** main: done ***
> diff --git a/third_party/base64.c b/third_party/base64.c
> index 8ecab23eb..7c69315ea 100644
> --- a/third_party/base64.c
> +++ b/third_party/base64.c
> @@ -222,7 +222,8 @@ base64_decode_value(int value)
> 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43,
> 44, 45, 46, 47, 48, 49, 50, 51
> };
> - static const int decoding_size = sizeof(decoding);
> + static const int decoding_size =
> + sizeof(decoding) / sizeof(decoding[0]);
> int codepos = value;
> codepos -= 43;
> if (codepos < 0 || codepos >= decoding_size)
> --
> 2.25.1
>
prev parent reply other threads:[~2020-12-30 11:28 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-15 14:25 Sergey Nikiforov
2020-12-16 23:28 ` Vladislav Shpilevoy
2020-12-17 9:41 ` Leonid Vasiliev
2020-12-17 12:41 ` Alexander Turenko
2020-12-17 13:04 ` Sergey Nikiforov
2020-12-17 14:52 ` Leonid Vasiliev
2020-12-23 12:17 ` Leonid Vasiliev
2020-12-23 15:17 ` Vladislav Shpilevoy
2020-12-30 11:59 ` Alexander Turenko
2020-12-30 11:28 ` Alexander V. Tikhonov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201230112810.GA19419@hpalx \
--to=avtikhon@tarantool.org \
--cc=tarantool-patches@dev.tarantool.org \
--cc=void@tarantool.org \
--subject='Re: [Tarantool-patches] [PATCH v2] base64: Properly ignore invalid characters' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox