[#CODEC-68] isBase64 throws ArrayIndexOutOfBoundsException on some non-BASE64 bytes

Commons Codec

isBase64 throws ArrayIndexOutOfBoundsException on some non-BASE64 bytes

Created: 30/Apr/08 09:01 AM Updated: 04/May/08 01:09 AM

Return to search

Component/s:

None

Affects Version/s:

1.3

Fix Version/s:

1.4

Time Tracking:

Original Estimate:

0.25h

Remaining Estimate:

0.25h

Time Spent:

Not Specified

Resolution Date:

04/May/08 01:09 AM

Description

« Hide

the following code throws an ArrayIndexOutOfBoundsException although it is perfectly valid (the byte 0x9c should be ignored according to the standard):

byte[x] = new byte[] { 'n', 'A', '=', '=', 0x9c };
Base64.decodeBase64(x);

The problem is the following method:

private static boolean isBase64(byte octect) {
        if (octect == PAD) {
            return true;
        } else if (base64Alphabet[octect] == -1) {
            return false;
        } else {
            return true;
        }
    }

in Java octect is a signed value, so it is not correct to use it as an offset for an array [0..254] which base64Alphabet is. 0x9c is -100!

FIX:
use base64Alphabet[ 0xff & octect ] in the "else if" block to convert the octet prior using it as an offset for the lookup table

All

Comments

Work Log

Change History

Subversion Commits

Sort Order:

[ Permlink | « Hide ]

Henri Yandell added a comment - 03/May/08 05:23 PM

I've added that as a unit test and it passes. I had to cast the 0x9c to a byte, but no other changes. I'll look later to see if the bugs already been caught and fixed.

[ Permlink | « Hide ]

Henri Yandell added a comment - 04/May/08 01:09 AM

The relevant line of code has already been changed to:

} else if (octect < 0 || base64Alphabet[octect] == -1) {

Thus it no longer gets an exception and is ignored.