base64_decode: fix bug #72152 (fail on NUL bytes in strict mode)

This added check is actually for NOT failing in NON-strict mode. The ch == -2 check later causes the desired failure in strict mode.
author: Lauri Kenttä <lauri.kentta@gmail.com> 2016-05-25 21:02:41 +0300
committer: Nikita Popov <nikic@php.net> 2016-07-05 16:51:36 +0200
commit: 260c07db850266d2d65cff446ec98d4a4752d41c (patch)
tree: ca98717c93022eb6c1db234390ca60040e25e68a /ext/standard/base64.c
parent: fbc74bb5f9df22a038a00f1f0e2437f1def81b93 (diff)
download: php-git-260c07db850266d2d65cff446ec98d4a4752d41c.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/ext/standard/base64.c b/ext/standard/base64.c
index e8d7f04aa4..6c890e34fc 100644
--- a/ext/standard/base64.c
+++ b/ext/standard/base64.c
@@ -143,7 +143,12 @@ PHPAPI zend_string *php_base64_decode_ex(const unsigned char *str, size_t length
 	result = zend_string_alloc(length, 0);
 
 	/* run through the whole string, converting as we go */
-	while (length-- > 0 && (ch = *current++) != '\0') {
+	while (length-- > 0) {
+		ch = *current++;
+		/* stop on null byte in non-strict mode (FIXME: is this really desired?) */
+		if (ch == 0 && !strict) {
+			break;
+		}
 		if (ch == base64_pad) {
 			/* fail if the padding character is second in a group (like V===) */
 			/* FIXME: why do we still allow invalid padding in other places in the middle of the string? */
author	Lauri Kenttä <lauri.kentta@gmail.com>	2016-05-25 21:02:41 +0300
committer	Nikita Popov <nikic@php.net>	2016-07-05 16:51:36 +0200
commit	260c07db850266d2d65cff446ec98d4a4752d41c (patch)
tree	ca98717c93022eb6c1db234390ca60040e25e68a /ext/standard/base64.c
parent	fbc74bb5f9df22a038a00f1f0e2437f1def81b93 (diff)
download	php-git-260c07db850266d2d65cff446ec98d4a4752d41c.tar.gz