diff options
author | Ilia Alshanetsky <iliaa@php.net> | 2010-11-26 20:59:13 +0000 |
---|---|---|
committer | Ilia Alshanetsky <iliaa@php.net> | 2010-11-26 20:59:13 +0000 |
commit | 4bc5cac3175720b4c91866e850e7cbcf828c66f8 (patch) | |
tree | 0d4e9cca3f2c896781c14583d6e7ea7b12c9dea5 | |
parent | 722457594b6d250ddd35329632e1f2dfb30e1a8d (diff) | |
download | php-git-4bc5cac3175720b4c91866e850e7cbcf828c66f8.tar.gz |
Fixed bug #52327 (base64_decode() improper handling of leading padding in strict mode)
-rw-r--r-- | ext/standard/base64.c | 2 | ||||
-rw-r--r-- | ext/standard/tests/url/bug52327.phpt | 12 |
2 files changed, 13 insertions, 1 deletions
diff --git a/ext/standard/base64.c b/ext/standard/base64.c index 8e596b1221..192a08a43f 100644 --- a/ext/standard/base64.c +++ b/ext/standard/base64.c @@ -152,7 +152,7 @@ PHPAPI unsigned char *php_base64_decode_ex(const unsigned char *str, int length, /* run through the whole string, converting as we go */ while ((ch = *current++) != '\0' && length-- > 0) { if (ch == base64_pad) { - if (*current != '=' && (i % 4) == 1) { + if (*current != '=' && ((i % 4) == 1 || (strict && length > 0))) { efree(result); return NULL; } diff --git a/ext/standard/tests/url/bug52327.phpt b/ext/standard/tests/url/bug52327.phpt new file mode 100644 index 0000000000..fb2e0fa25b --- /dev/null +++ b/ext/standard/tests/url/bug52327.phpt @@ -0,0 +1,12 @@ +--TEST-- +Bug #52327 (base64_decode() improper handling of leading padding) +--FILE-- +<?php +var_dump( + base64_decode('=VGhl=ICc9=JyBz=eW1i=b2xz=IGFy=ZW4n=dCBh=bGxv=d2Vk=IHdo=ZXJl=IGkg=cHV0=IHRo=ZW0g=by5P'), + base64_decode('=VGhl=ICc9=JyBz=eW1i=b2xz=IGFy=ZW4n=dCBh=bGxv=d2Vk=IHdo=ZXJl=IGkg=cHV0=IHRo=ZW0g=by5P', true) +); +?> +--EXPECT-- +string(51) "The '=' symbols aren't allowed where i put them o.O" +bool(false) |