Skip to content

Fix DecodeBase64 to reject truncated input#1398

Merged
jbeder merged 1 commit intojbeder:masterfrom
jwnimmer-tri:b64_decode_failure_is_empty
Feb 10, 2026
Merged

Fix DecodeBase64 to reject truncated input#1398
jbeder merged 1 commit intojbeder:masterfrom
jwnimmer-tri:b64_decode_failure_is_empty

Conversation

@jwnimmer-tri
Copy link
Contributor

@jwnimmer-tri jwnimmer-tri commented Feb 10, 2026

If the input doesn't have the proper number of encoding characters (a multiple of 4), return an empty result.

@jwnimmer-tri @SeanCurtis-TRI
Fix DecodeBase64 to reject truncated input
b285741 
If the input doesn't have the proper number of encoding characters
(a multiple of 4), return an empty result.

Co-Authored-By: Sean Curtis <sean.curtis@tri.global>
@jbeder
Copy link
Owner

jbeder commented Feb 10, 2026

Why?

Alternatively, what about throwing an exception since it's a failed conversion?

@jwnimmer-tri
Copy link
Contributor Author

jwnimmer-tri commented Feb 10, 2026
edited
Loading

Why?

In general for parsers, it's important to detect and reject invalid input.

Alternatively, what about throwing an exception since it's a failed conversion?

The pre-existing logic in the function already returns the empty vector to indicate a conversion failure, e.g., for invalid characters:

yaml-cpp/src/binary.cpp

Lines 83 to 84 in 2e6383d

if (d == 255)
return ret_type();

I was trying to remain consistent with existing practice.

If you would prefer that all decode failures throw instead of returning empty, I can work on revising the patch?

@jwnimmer-tri
Copy link
Contributor Author

jwnimmer-tri commented Feb 10, 2026

Note that the call site already correctly interprets an empty return value as an error:

yaml-cpp/include/yaml-cpp/node/convert.h

Lines 462 to 464 in 2e6383d

std::vector<unsigned char> data = DecodeBase64(node.Scalar());
if (data.empty() && !node.Scalar().empty())
return false;

@jwnimmer-tri jwnimmer-tri mentioned this pull request Feb 10, 2026
Merged
@jbeder
Copy link
Owner

jbeder commented Feb 10, 2026

Ok sounds good

@jbeder jbeder merged commit 80ea002 into jbeder:master Feb 10, 2026
31 checks passed
@jwnimmer-tri jwnimmer-tri deleted the b64_decode_failure_is_empty branch February 10, 2026 20:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jbeder jbeder jbeder approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jwnimmer-tri @jbeder