Mirror
/
cpython
mirror of https://github.com/python/cpython
4
1
Fork 0
Code Issues Releases Wiki Activity

gh-118314: Fix padding edge case in binascii.a2b_base64 strict mode (GH-118320) 

Fix an edge case in `binascii.a2b_base64` strict mode, where
excessive padding was not detected when no padding is necessary.

Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Co-authored-by: Pieter Eendebak <pieter.eendebak@gmail.com>
This commit is contained in:
Youfu Zhang 2024-05-07 17:18:45 +08:00 committed by GitHub
parent 3a6ff1b1d9
commit fe47d9bee3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
Lib/test/test_binascii.py
View File

@ -139,13 +139,21 @@ class BinASCIITest(unittest.TestCase):
def assertDiscontinuousPadding(data, non_strict_mode_expected_result: bytes): def assertDiscontinuousPadding(data, non_strict_mode_expected_result: bytes):
_assertRegexTemplate(r'(?i)Discontinuous padding', data, non_strict_mode_expected_result) _assertRegexTemplate(r'(?i)Discontinuous padding', data, non_strict_mode_expected_result)
def assertExcessPadding(data, non_strict_mode_expected_result: bytes):
_assertRegexTemplate(r'(?i)Excess padding', data, non_strict_mode_expected_result)
# Test excess data exceptions # Test excess data exceptions
assertExcessData(b'ab==a', b'i') assertExcessData(b'ab==a', b'i')
assertExcessData(b'ab===', b'i') assertExcessData(b'ab===', b'i')
assertExcessData(b'ab====', b'i')
assertExcessData(b'ab==:', b'i') assertExcessData(b'ab==:', b'i')
assertExcessData(b'abc=a', b'i\xb7') assertExcessData(b'abc=a', b'i\xb7')
assertExcessData(b'abc=:', b'i\xb7') assertExcessData(b'abc=:', b'i\xb7')
assertExcessData(b'ab==\n', b'i') assertExcessData(b'ab==\n', b'i')
assertExcessData(b'abc==', b'i\xb7')
assertExcessData(b'abc===', b'i\xb7')
assertExcessData(b'abc====', b'i\xb7')
assertExcessData(b'abc=====', b'i\xb7')
# Test non-base64 data exceptions # Test non-base64 data exceptions
assertNonBase64Data(b'\nab==', b'i') assertNonBase64Data(b'\nab==', b'i')
@ -157,8 +165,15 @@ class BinASCIITest(unittest.TestCase):
assertLeadingPadding(b'=', b'') assertLeadingPadding(b'=', b'')
assertLeadingPadding(b'==', b'') assertLeadingPadding(b'==', b'')
assertLeadingPadding(b'===', b'') assertLeadingPadding(b'===', b'')
assertLeadingPadding(b'====', b'')
assertLeadingPadding(b'=====', b'')
assertDiscontinuousPadding(b'ab=c=', b'i\xb7') assertDiscontinuousPadding(b'ab=c=', b'i\xb7')
assertDiscontinuousPadding(b'ab=ab==', b'i\xb6\x9b') assertDiscontinuousPadding(b'ab=ab==', b'i\xb6\x9b')
assertExcessPadding(b'abcd=', b'i\xb7\x1d')
assertExcessPadding(b'abcd==', b'i\xb7\x1d')
assertExcessPadding(b'abcd===', b'i\xb7\x1d')
assertExcessPadding(b'abcd====', b'i\xb7\x1d')
assertExcessPadding(b'abcd=====', b'i\xb7\x1d')
def test_base64errors(self): def test_base64errors(self):

1
Misc/NEWS.d/next/Library/2024-04-26-12-42-29.gh-issue-118314.Z7reGc.rst Normal file
View File

@ -0,0 +1 @@
Fix an edge case in :func:`binascii.a2b_base64` strict mode, where excessive padding is not detected when no padding is necessary.

7
Modules/binascii.c
View File

@ -414,6 +414,13 @@ binascii_a2b_base64_impl(PyObject *module, Py_buffer *data, int strict_mode)
if (this_ch == BASE64_PAD) { if (this_ch == BASE64_PAD) {
padding_started = 1; padding_started = 1;
if (strict_mode && quad_pos == 0) {
state = get_binascii_state(module);
if (state) {
PyErr_SetString(state->Error, "Excess padding not allowed");
}
goto error_end;
}
if (quad_pos >= 2 && quad_pos + ++pads >= 4) { if (quad_pos >= 2 && quad_pos + ++pads >= 4) {
/* A pad sequence means we should not parse more input. /* A pad sequence means we should not parse more input.
** We've already interpreted the data from the quad at this point. ** We've already interpreted the data from the quad at this point.