Commit 1b85c71a authored by Tal Einat's avatar Tal Einat Committed by GitHub

bpo-33770: improve base64 exception message for encoded inputs of invalid length (#7416)

parent 98a0e466
......@@ -110,6 +110,34 @@ class BinASCIITest(unittest.TestCase):
# empty strings. TBD: shouldn't it raise an exception instead ?
self.assertEqual(binascii.a2b_base64(self.type2test(fillers)), b'')
def test_base64errors(self):
# Test base64 with invalid padding
def assertIncorrectPadding(data):
with self.assertRaisesRegex(binascii.Error, r'(?i)Incorrect padding'):
binascii.a2b_base64(self.type2test(data))
assertIncorrectPadding(b'ab')
assertIncorrectPadding(b'ab=')
assertIncorrectPadding(b'abc')
assertIncorrectPadding(b'abcdef')
assertIncorrectPadding(b'abcdef=')
assertIncorrectPadding(b'abcdefg')
assertIncorrectPadding(b'a=b=')
assertIncorrectPadding(b'a\nb=')
# Test base64 with invalid number of valid characters (1 mod 4)
def assertInvalidLength(data):
with self.assertRaisesRegex(binascii.Error, r'(?i)invalid.+length'):
binascii.a2b_base64(self.type2test(data))
assertInvalidLength(b'a')
assertInvalidLength(b'a=')
assertInvalidLength(b'a==')
assertInvalidLength(b'a===')
assertInvalidLength(b'a' * 5)
assertInvalidLength(b'a' * (4 * 87 + 1))
assertInvalidLength(b'A\tB\nC ??DE') # only 5 valid characters
def test_uu(self):
MAX_UU = 45
for backtick in (True, False):
......
improve base64 exception message for encoded inputs of invalid length
......@@ -510,7 +510,18 @@ binascii_a2b_base64_impl(PyObject *module, Py_buffer *data)
}
if (leftbits != 0) {
PyErr_SetString(Error, "Incorrect padding");
if (leftbits == 6) {
/*
** There is exactly one extra valid, non-padding, base64 character.
** This is an invalid length, as there is no possible input that
** could encoded into such a base64 string.
*/
PyErr_SetString(Error,
"Invalid base64-encoded string: "
"length cannot be 1 more than a multiple of 4");
} else {
PyErr_SetString(Error, "Incorrect padding");
}
_PyBytesWriter_Dealloc(&writer);
return NULL;
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment