Details
-
Bug
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
1.13
-
None
Description
Both Base32 and Base64 check that the final bits from the trailing digit that will be discarded are zero.
The test for the trailing bits in the final digits in Base64 is:
private long validateCharacter(final int numBitsToDrop, final Context context) { if ((context.ibitWorkArea & numBitsToDrop) != 0) {
It should be:
private long validateCharacter(final int numBitsToDrop, final Context context) { int mask = (1 << numBitsToDrop) - 1; if ((context.ibitWorkArea & mask) != 0) {
Likewise in Base32.
The following base64 is illegal but is still decoded:
AB== A : 000000 B : 000001 byte = 00000000 + 0001 discarded
Here the check for the 4 trailing bits to drop in this case checks only bit 3 and ignores bit 1 which is set.
Same for Base32, this is illegal:
AB====== A : 00000 B : 00001 byte = 00000000 + 01 discarded
But the check for the 2 trailing bits to drop in this case checks bit 2 and ignores bit 1 which is set.
Note: The test cases using "AC" has bit 2 set and so is flagged as invalid.