You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/08/01 19:54:50 UTC
[tomcat] branch master updated: Update codec
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new 0b3fba2 Update codec
0b3fba2 is described below
commit 0b3fba289ad2d62efec5d7d3cae65d468d044912
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Aug 1 20:54:34 2019 +0100
Update codec
---
MERGE.txt | 2 +-
.../apache/tomcat/util/codec/binary/Base64.java | 22 +++++++++++++++++++++-
webapps/docs/changelog.xml | 4 ++++
3 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/MERGE.txt b/MERGE.txt
index 267c7a5..a0e5a1c 100644
--- a/MERGE.txt
+++ b/MERGE.txt
@@ -43,7 +43,7 @@ Codec
Sub-tree:
src/main/java/org/apache/commons/codec
The SHA1 ID for the most recent commit to be merged to Tomcat is:
-8502e2f14a6eafb0afa0964b34d1d1bb02b44f64 (2019-04-23)
+3ebef4ad92e31697fb52ca7cc71904c68654c2c8 (2019-08-01)
Note: Only classes required for Base64 encoding/decoding. The rest are removed.
FileUpload
diff --git a/java/org/apache/tomcat/util/codec/binary/Base64.java b/java/org/apache/tomcat/util/codec/binary/Base64.java
index ed13cb5..99a501c 100644
--- a/java/org/apache/tomcat/util/codec/binary/Base64.java
+++ b/java/org/apache/tomcat/util/codec/binary/Base64.java
@@ -421,7 +421,7 @@ public class Base64 extends BaseNCodec {
* @param inPos
* Position to start reading data from.
* @param inAvail
- * Amount of bytes available from input for encoding.
+ * Amount of bytes available from input for decoding.
* @param context
* the context to be used
*/
@@ -469,10 +469,12 @@ public class Base64 extends BaseNCodec {
// TODO not currently tested; perhaps it is impossible?
break;
case 2 : // 12 bits = 8 + 4
+ validateCharacter(4, context);
context.ibitWorkArea = context.ibitWorkArea >> 4; // dump the extra 4 bits
buffer[context.pos++] = (byte) ((context.ibitWorkArea) & MASK_8BITS);
break;
case 3 : // 18 bits = 8 + 8 + 2
+ validateCharacter(2, context);
context.ibitWorkArea = context.ibitWorkArea >> 2; // dump 2 bits
buffer[context.pos++] = (byte) ((context.ibitWorkArea >> 8) & MASK_8BITS);
buffer[context.pos++] = (byte) ((context.ibitWorkArea) & MASK_8BITS);
@@ -770,4 +772,22 @@ public class Base64 extends BaseNCodec {
return octet >= 0 && octet < decodeTable.length && decodeTable[octet] != -1;
}
+
+ /**
+ * <p>
+ * Validates whether the character is possible in the context of the set of possible base 64 values.
+ * </p>
+ *
+ * @param numBitsToDrop number of least significant bits to check
+ * @param context the context to be used
+ *
+ * @throws IllegalArgumentException if the bits being checked contain any non-zero value
+ */
+ private long validateCharacter(final int numBitsToDrop, final Context context) {
+ if ((context.ibitWorkArea & numBitsToDrop) != 0) {
+ throw new IllegalArgumentException(
+ "Last encoded character (before the paddings if any) is a valid base 64 alphabet but not a possible value");
+ }
+ return context.ibitWorkArea >> numBitsToDrop;
+ }
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index e351748..e515188 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -213,6 +213,10 @@
<update>
Update dependency on bnd to 4.2.0. (markt)
</update>
+ <update>
+ Update the internal fork of Commons Codec to 3ebef4a (2018-08-01) to
+ pick up the fix for CODEC-134. (markt)
+ </update>
</changelog>
</subsection>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org