Closed Bug 872968 Opened 12 years ago Closed 12 years ago

atob accepts invalid base64 with garbage tail bits

Categories

(Core :: DOM: Core & HTML, defect)

Other
Linux
defect
Not set
normal

RESOLVED INVALID

People

(Reporter: igor, Unassigned)

Details

For strings where length % 4 == 2 or length % 4 == 3 atob does not verify that the lower bits of that last base64 character should be zero. For example atob("QR==") gives "A" when the correct encoding for "A" is "QQ==". Similarly atob("QUG=") gives "AA" when the correct encoding for "AA" is "QUE=".
See the spec at http://www.whatwg.org/specs/web-apps/current-work/#dom-windowbase64-atob step 10 and the Note right after it.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → INVALID
(In reply to Boris Zbarsky (:bz) from comment #1)
> See the spec at
> http://www.whatwg.org/specs/web-apps/current-work/#dom-windowbase64-atob
> step 10 and the Note right after it.

Any reason for that? It is strange that length % 4 == 1 that effectively provides 6 garbage bits is an error according to the step 5 while length % 2 == 2 and 4 garbage bits is not...
I expect the reason is that every UA does it that way already so changing it would be a web compat risk for no particularly good reason... Furthermore, nothing else I've found anywhere defines base64 decoding, so there is no other spec that we're violating here, as far as I can tell.
Component: DOM → DOM: Core & HTML
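Since atob keeps this lenient behaviour, code that compares, deduplicates or signs base64 strings rather than the decoded bytes has to enforce canonical form itself. The following is an added example, not part of the bug report or of Mozilla's code; the names garbageTailBits, strictAtob and canonicalize are hypothetical, and the inputs are the ones quoted in the report.

```javascript
// Added example: detect and reject the non-zero tail bits that atob discards.
const ALPHABET =
  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

// Returns the value of the unused low bits of the last data character.
// 0 means the tail is canonical; anything else is silently dropped by atob.
function garbageTailBits(b64) {
  const data = b64
    .replace(/[\t\n\f\r ]/g, "")   // atob ignores ASCII whitespace
    .replace(/={1,2}$/, "");       // strip padding
  const rem = data.length % 4;
  if (rem === 0) return 0;         // whole 4-character groups: no spare bits
  if (rem === 1) throw new RangeError("length % 4 == 1 is never valid");
  const last = ALPHABET.indexOf(data[data.length - 1]);
  if (last < 0) throw new RangeError("character outside the base64 alphabet");
  // rem == 2: 12 bits carry 1 byte, so the low 4 bits must be zero.
  // rem == 3: 18 bits carry 2 bytes, so the low 2 bits must be zero.
  return last & (rem === 2 ? 0x0f : 0x03);
}

// atob wrapper that refuses non-canonical input instead of decoding it.
function strictAtob(b64) {
  if (garbageTailBits(b64) !== 0) {
    throw new RangeError("non-canonical base64: non-zero tail bits");
  }
  return atob(b64);                // atob still validates every other rule
}

// Re-encode the decoded bytes to get the one canonical spelling.
function canonicalize(b64) {
  return btoa(atob(b64));
}

// The pairs from the report: each lenient form decodes like its canonical twin.
for (const s of ["QR==", "QQ==", "QUG=", "QUE="]) {
  console.log(s, JSON.stringify(atob(s)), "tail bits:", garbageTailBits(s),
              "canonical:", canonicalize(s));
}
```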