[SERVER-15194] Make the base64::decode function throw for invalid input characters Created: 09/Sep/14  Updated: 06/Dec/17  Resolved: 06/Jul/17

Status: Closed
Project: Core Server
Component/s: Internal Code
Affects Version/s: 2.7.6
Fix Version/s: 3.5.10

Type: Improvement Priority: Major - P3
Reporter: Andreas Nilsson Assignee: Sara Golemon
Resolution: Done Votes: 0
Labels: neweng
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Backwards Compatibility: Minor Change
Participants:
Case:
Linked BF Score: 0

 Description   

base64::decode uasserts for invalid input lengths but not for invalid input characters. Extend this with a check for invalid base64 input characters.



 Comments   
Comment by Githook User [ 07/Jul/17 ]

Author:

{u'username': u'sgolemon', u'name': u'Sara Golemon', u'email': u'sara.golemon@mongodb.com'}

Message: SERVER-15194 Refactor base64::decode Implementation

Unrevert 4b222edf455a34667cfaf7b67e7f8dfdca42bd9c and
Fix random base64 generation in test helper

The good news is that the changes to base64::decode()
did exactly what they were intended to do.
The bad news is that data_generators.js was producing
invalid base64 sequences when (length % 4) == 1.
Branch: master
https://github.com/mongodb/mongo/commit/3ee00dd0e8f36c6223524012e925055e94b05080

Comment by Githook User [ 07/Jul/17 ]

Author:

{u'username': u'ncm', u'name': u'Nathan Myers', u'email': u'ncm@cantrip.org'}

Message: Revert "SERVER-15194 Refactor base64::decode Implementation"

This reverts commit 4b222edf455a34667cfaf7b67e7f8dfdca42bd9c.
Branch: master
https://github.com/mongodb/mongo/commit/f2b3f835300b7bfff370ad92b61f08bf285f79b1

Comment by Sara Golemon [ 06/Jul/17 ]

base64::decode() will now throw an exception on bad input whereas before it would quietly accept the bad input and produce garbage output.

Comment by Githook User [ 06/Jul/17 ]

Author:

{u'username': u'sgolemon', u'name': u'Sara Golemon', u'email': u'sara.golemon@mongodb.com'}

Message: SERVER-15194 Refactor base64::decode Implementation

  • Existing check for length as multiple of 4 as-is
  • Added check for non-base64 characters on input
  • Added check for terminators ('=') midstream
    Implicitly in positions 0 and 1 via non-base64 check
    Explicitly in positions 2 and 3 via "done" check.

Moved "Alphabet" class into cpp file in anon namespace
as it's an implementation detail and shouldn't be used
by outside classes.

Added base64::validate() method to accomodate BSON's
isBase64String() check.
Branch: master
https://github.com/mongodb/mongo/commit/4b222edf455a34667cfaf7b67e7f8dfdca42bd9c

Generated at Thu Feb 08 03:37:14 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.