1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-28 08:27:46 +00:00

AK+Everywhere: Make Base64 decoding fallible

This commit is contained in:
Ben Wiederhake 2021-10-23 15:43:59 +02:00 committed by Linus Groh
parent 3bf1f7ae87
commit cb868cfa41
11 changed files with 73 additions and 32 deletions

View file

@ -35,7 +35,11 @@ ByteBuffer decode_pem(ReadonlyBytes data)
break;
}
auto b64decoded = decode_base64(lexer.consume_line().trim_whitespace(TrimMode::Right));
if (!decoded.try_append(b64decoded.data(), b64decoded.size())) {
if (!b64decoded.has_value()) {
dbgln("Failed to decode PEM, likely bad Base64");
return {};
}
if (!decoded.try_append(b64decoded.value().data(), b64decoded.value().size())) {
dbgln("Failed to decode PEM, likely OOM condition");
return {};
}

View file

@ -197,7 +197,10 @@ Optional<HttpRequest::BasicAuthenticationCredentials> HttpRequest::parse_http_ba
auto token = value.substring_view(6);
if (token.is_empty())
return {};
auto decoded_token = String::copy(decode_base64(token));
auto decoded_token_bb = decode_base64(token);
if (!decoded_token_bb.has_value())
return {};
auto decoded_token = String::copy(decoded_token_bb.value());
auto colon_index = decoded_token.find(':');
if (!colon_index.has_value())
return {};

View file

@ -386,11 +386,15 @@ JS_DEFINE_OLD_NATIVE_FUNCTION(WindowObject::atob)
}
auto string = TRY_OR_DISCARD(vm.argument(0).to_string(global_object));
auto decoded = decode_base64(StringView(string));
if (!decoded.has_value()) {
vm.throw_exception<JS::TypeError>(global_object, JS::ErrorType::InvalidFormat, "Base64");
return {};
}
// decode_base64() returns a byte string. LibJS uses UTF-8 for strings. Use Latin1Decoder to convert bytes 128-255 to UTF-8.
auto decoder = TextCodec::decoder_for("windows-1252");
VERIFY(decoder);
return JS::js_string(vm, decoder->to_utf8(decoded));
return JS::js_string(vm, decoder->to_utf8(decoded.value()));
}
JS_DEFINE_OLD_NATIVE_FUNCTION(WindowObject::btoa)

View file

@ -153,10 +153,18 @@ void ResourceLoader::load(LoadRequest& request, Function<void(ReadonlyBytes, con
url.data_payload());
ByteBuffer data;
if (url.data_payload_is_base64())
data = decode_base64(url.data_payload());
else
if (url.data_payload_is_base64()) {
auto data_maybe = decode_base64(url.data_payload());
if (!data_maybe.has_value()) {
auto error_message = "Base64 data contains an invalid character"sv;
log_failure(request, error_message);
error_callback(error_message, {});
return;
}
data = data_maybe.value();
} else {
data = url.data_payload().to_byte_buffer();
}
log_success(request);
deferred_invoke([data = move(data), success_callback = move(success_callback)] {