AK+Everywhere: Make Base64 decoding fallible

2025-07-28 08:27:46 +00:00 · 2021-10-23 15:43:59 +02:00 · 2021-10-23 15:43:59 +02:00 · cb868cfa41
commit cb868cfa41
parent 3bf1f7ae87
11 changed files with 73 additions and 32 deletions
--- a/Userland/Libraries/LibCrypto/ASN1/PEM.cpp
+++ b/Userland/Libraries/LibCrypto/ASN1/PEM.cpp
@ -35,7 +35,11 @@ ByteBuffer decode_pem(ReadonlyBytes data)
                break;
            }
            auto b64decoded = decode_base64(lexer.consume_line().trim_whitespace(TrimMode::Right));
-            if (!decoded.try_append(b64decoded.data(), b64decoded.size())) {
+            if (!b64decoded.has_value()) {
+                dbgln("Failed to decode PEM, likely bad Base64");
+                return {};
+            }
+            if (!decoded.try_append(b64decoded.value().data(), b64decoded.value().size())) {
                dbgln("Failed to decode PEM, likely OOM condition");
                return {};
            }
--- a/Userland/Libraries/LibHTTP/HttpRequest.cpp
+++ b/Userland/Libraries/LibHTTP/HttpRequest.cpp
@ -197,7 +197,10 @@ Optional<HttpRequest::BasicAuthenticationCredentials> HttpRequest::parse_http_ba
    auto token = value.substring_view(6);
    if (token.is_empty())
        return {};
-    auto decoded_token = String::copy(decode_base64(token));
+    auto decoded_token_bb = decode_base64(token);
+    if (!decoded_token_bb.has_value())
+        return {};
+    auto decoded_token = String::copy(decoded_token_bb.value());
    auto colon_index = decoded_token.find(':');
    if (!colon_index.has_value())
        return {};
--- a/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp
+++ b/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp
@ -386,11 +386,15 @@ JS_DEFINE_OLD_NATIVE_FUNCTION(WindowObject::atob)
    }
    auto string = TRY_OR_DISCARD(vm.argument(0).to_string(global_object));
    auto decoded = decode_base64(StringView(string));
+    if (!decoded.has_value()) {
+        vm.throw_exception<JS::TypeError>(global_object, JS::ErrorType::InvalidFormat, "Base64");
+        return {};
+    }

    // decode_base64() returns a byte string. LibJS uses UTF-8 for strings. Use Latin1Decoder to convert bytes 128-255 to UTF-8.
    auto decoder = TextCodec::decoder_for("windows-1252");
    VERIFY(decoder);
-    return JS::js_string(vm, decoder->to_utf8(decoded));
+    return JS::js_string(vm, decoder->to_utf8(decoded.value()));
 }

 JS_DEFINE_OLD_NATIVE_FUNCTION(WindowObject::btoa)
--- a/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp
+++ b/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp
@ -153,10 +153,18 @@ void ResourceLoader::load(LoadRequest& request, Function<void(ReadonlyBytes, con
            url.data_payload());

        ByteBuffer data;
-        if (url.data_payload_is_base64())
-            data = decode_base64(url.data_payload());
-        else
+        if (url.data_payload_is_base64()) {
+            auto data_maybe = decode_base64(url.data_payload());
+            if (!data_maybe.has_value()) {
+                auto error_message = "Base64 data contains an invalid character"sv;
+                log_failure(request, error_message);
+                error_callback(error_message, {});
+                return;
+            }
+            data = data_maybe.value();
+        } else {
            data = url.data_payload().to_byte_buffer();
+        }

        log_success(request);
        deferred_invoke([data = move(data), success_callback = move(success_callback)] {