You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/08/01 20:00:06 UTC
[tomcat] branch 7.0.x updated: Update codec
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new 3c097cd Update codec
3c097cd is described below
commit 3c097cd34dea480765ffce0c7315128696ecb62e
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Aug 1 20:54:34 2019 +0100
Update codec
---
.../apache/tomcat/util/codec/binary/Base64.java | 22 +++++++++++++++++++++-
webapps/docs/changelog.xml | 4 ++++
2 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/java/org/apache/tomcat/util/codec/binary/Base64.java b/java/org/apache/tomcat/util/codec/binary/Base64.java
index 75096f7..a9ce90d 100644
--- a/java/org/apache/tomcat/util/codec/binary/Base64.java
+++ b/java/org/apache/tomcat/util/codec/binary/Base64.java
@@ -418,7 +418,7 @@ public class Base64 extends BaseNCodec {
* @param inPos
* Position to start reading data from.
* @param inAvail
- * Amount of bytes available from input for encoding.
+ * Amount of bytes available from input for decoding.
* @param context
* the context to be used
*/
@@ -467,10 +467,12 @@ public class Base64 extends BaseNCodec {
// TODO not currently tested; perhaps it is impossible?
break;
case 2 : // 12 bits = 8 + 4
+ validateCharacter(4, context);
context.ibitWorkArea = context.ibitWorkArea >> 4; // dump the extra 4 bits
buffer[context.pos++] = (byte) ((context.ibitWorkArea) & MASK_8BITS);
break;
case 3 : // 18 bits = 8 + 8 + 2
+ validateCharacter(2, context);
context.ibitWorkArea = context.ibitWorkArea >> 2; // dump 2 bits
buffer[context.pos++] = (byte) ((context.ibitWorkArea >> 8) & MASK_8BITS);
buffer[context.pos++] = (byte) ((context.ibitWorkArea) & MASK_8BITS);
@@ -784,4 +786,22 @@ public class Base64 extends BaseNCodec {
return octet >= 0 && octet < decodeTable.length && decodeTable[octet] != -1;
}
+
+ /**
+ * <p>
+ * Validates whether the character is possible in the context of the set of possible base 64 values.
+ * </p>
+ *
+ * @param numBitsToDrop number of least significant bits to check
+ * @param context the context to be used
+ *
+ * @throws IllegalArgumentException if the bits being checked contain any non-zero value
+ */
+ private long validateCharacter(final int numBitsToDrop, final Context context) {
+ if ((context.ibitWorkArea & numBitsToDrop) != 0) {
+ throw new IllegalArgumentException(
+ "Last encoded character (before the paddings if any) is a valid base 64 alphabet but not a possible value");
+ }
+ return context.ibitWorkArea >> numBitsToDrop;
+ }
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 1eb3a3c..9dbc17f 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -111,6 +111,10 @@
Allow customization of service.bat, such as heap memory size, service
startup mode and JVM args. (isapir)
</fix>
+ <update>
+ Update the internal fork of Commons Codec to 3ebef4a (2018-08-01) to
+ pick up the fix for CODEC-134. (markt)
+ </update>
</changelog>
</subsection>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org