From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
To: tarantool-patches@freelists.org
Cc: kostja@tarantool.org
Subject: [tarantool-patches] [PATCH 1/1] digest: fix error in base64 encode options
Date: Thu, 26 Apr 2018 18:46:38 +0300 [thread overview]
Message-ID: <9915797daad3058256ffa4f9d42516d1fc35838b.1524757561.git.v.shpilevoy@tarantool.org> (raw)
Any option of base64 leads to urlsafe encoding. It is wrong, and
caused by incorrect flag checking. Fix it.
Closes #3358
---
Issue: https://github.com/tarantool/tarantool/issues/3358
Branch: https://github.com/tarantool/tarantool/tree/gh-3358-digest-bug
test/app/digest.result | 18 ++++++++++++++++++
test/app/digest.test.lua | 9 +++++++++
third_party/base64.c | 2 +-
3 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/test/app/digest.result b/test/app/digest.result
index 1a86bcaff..bf1815136 100644
--- a/test/app/digest.result
+++ b/test/app/digest.result
@@ -506,6 +506,24 @@ digest.base64_decode(b)
---
- aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
...
+--
+-- gh-3358: any option makes base64 work like urlsafe.
+--
+s = digest.base64_encode('?>>>', {nowrap = true})
+---
+...
+-- Check for '+' - it is not urlsafe.
+s:find('+') ~= nil
+---
+- true
+...
+s = digest.base64_encode('?>>>', {nopad = true})
+---
+...
+s:find('+') ~= nil
+---
+- true
+...
digest.pbkdf2("password", "salt", 4096, 32)
---
- !!binary xeR41ZKIyEGqUw22hFxMjZYok6ABzk4RpJY4c6qYE0o=
diff --git a/test/app/digest.test.lua b/test/app/digest.test.lua
index 76e71fe2d..3134efc92 100644
--- a/test/app/digest.test.lua
+++ b/test/app/digest.test.lua
@@ -161,6 +161,15 @@ b = digest.base64_encode(string.rep('a', 100), { nowrap = true })
b
digest.base64_decode(b)
+--
+-- gh-3358: any option makes base64 work like urlsafe.
+--
+s = digest.base64_encode('?>>>', {nowrap = true})
+-- Check for '+' - it is not urlsafe.
+s:find('+') ~= nil
+s = digest.base64_encode('?>>>', {nopad = true})
+s:find('+') ~= nil
+
digest.pbkdf2("password", "salt", 4096, 32)
digest.pbkdf2_hex("password", "salt", 4096, 32)
digest.pbkdf2_hex("password", "salt")
diff --git a/third_party/base64.c b/third_party/base64.c
index e3bc0b727..8ecab23eb 100644
--- a/third_party/base64.c
+++ b/third_party/base64.c
@@ -186,7 +186,7 @@ base64_encode(const char *in_bin, int in_len,
char *out_base64, int out_len, int options)
{
const char *encoding;
- if ((options & BASE64_URLSAFE) != 0)
+ if ((options & BASE64_URLSAFE) == BASE64_URLSAFE)
encoding = urlsafe_encoding;
else
encoding = default_encoding;
--
2.15.1 (Apple Git-101)
reply other threads:[~2018-04-26 15:46 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9915797daad3058256ffa4f9d42516d1fc35838b.1524757561.git.v.shpilevoy@tarantool.org \
--to=v.shpilevoy@tarantool.org \
--cc=kostja@tarantool.org \
--cc=tarantool-patches@freelists.org \
--subject='Re: [tarantool-patches] [PATCH 1/1] digest: fix error in base64 encode options' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox