diff options
| author | Moonchild <moonchild@palemoon.org> | 2022-10-26 09:24:27 +0000 |
|---|---|---|
| committer | Moonchild <moonchild@palemoon.org> | 2022-10-26 09:24:27 +0000 |
| commit | 3505c2050a23eaedd2e7faaf89a115b9adcd2e0b (patch) | |
| tree | 1a02bed8d89ffc302b7f8575287011b4e34bcce2 /xpcom | |
| parent | 1139e11f3a793f3f7fb3905bf0879b8af252773f (diff) | |
| download | uxp-3505c2050a23eaedd2e7faaf89a115b9adcd2e0b.tar.gz | |
[XPCOM] Fix Base64 off-by-one issue and safeguard against this mistake in the future.
Diffstat (limited to 'xpcom')
| -rw-r--r-- | xpcom/io/Base64.cpp | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/xpcom/io/Base64.cpp b/xpcom/io/Base64.cpp index fa8e6f86cc..a93c78a7f3 100644 --- a/xpcom/io/Base64.cpp +++ b/xpcom/io/Base64.cpp @@ -246,6 +246,7 @@ EncodeInputStream(nsIInputStream* aInputStream, static const char kBase64URLAlphabet[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"; +static_assert(mozilla::ArrayLength(kBase64URLAlphabet) == 0x41); // Maps an encoded character to a value in the Base64 URL alphabet, per // RFC 4648, Table 2. Invalid input characters map to UINT8_MAX. @@ -267,14 +268,19 @@ static const uint8_t kBase64URLDecodeTable[] = { 255, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, /* a - z */ - 255, 255, 255, 255, + 255, 255, 255, 255, 255 }; +static_assert(mozilla::ArrayLength(kBase64URLDecodeTable) == 0x80); bool Base64URLCharToValue(char aChar, uint8_t* aValue) { uint8_t index = static_cast<uint8_t>(aChar); - *aValue = kBase64URLDecodeTable[index & 0x7f]; - return (*aValue != 255) && !(index & ~0x7f); + if (index >= mozilla::ArrayLength(kBase64URLDecodeTable)) { + *aValue = 255; + return false; + } + *aValue = kBase64URLDecodeTable[index]; + return *aValue != 255; } } // namespace |