Use Base.strict_decode64 instead of Base.decode64 just as we do in encoding;

Also reduce extra object allocation by creating string directly instead of join on Array
2022-11-09 12:12:34 -05:00 · 2013-05-15 19:41:04 +05:30 · 2013-05-15 19:41:04 +05:30 · a4e1e5d632
commit a4e1e5d632
parent dd03f10d52
3 changed files with 20 additions and 5 deletions
--- a/activesupport/lib/active_support/message_encryptor.rb
+++ b/activesupport/lib/active_support/message_encryptor.rb
@ -76,12 +76,12 @@ module ActiveSupport
      encrypted_data = cipher.update(@serializer.dump(value))
      encrypted_data << cipher.final

-      [encrypted_data, iv].map {|v| ::Base64.strict_encode64(v)}.join("--")
+      "#{::Base64.strict_encode64 encrypted_data}--#{::Base64.strict_encode64 iv}"
    end

    def _decrypt(encrypted_message)
      cipher = new_cipher
-      encrypted_data, iv = encrypted_message.split("--").map {|v| ::Base64.decode64(v)}
+      encrypted_data, iv = encrypted_message.split("--").map {|v| ::Base64.strict_decode64(v)}

      cipher.decrypt
      cipher.key = @secret
@ -91,7 +91,7 @@ module ActiveSupport
      decrypted_data << cipher.final

      @serializer.load(decrypted_data)
-    rescue OpenSSLCipherError, TypeError
+    rescue OpenSSLCipherError, TypeError, ArgumentError
      raise InvalidMessage
    end

--- a/activesupport/lib/active_support/message_verifier.rb
+++ b/activesupport/lib/active_support/message_verifier.rb
@ -37,7 +37,11 @@ module ActiveSupport

      data, digest = signed_message.split("--")
      if data.present? && digest.present? && secure_compare(digest, generate_digest(data))
-        @serializer.load(::Base64.decode64(data))
+        begin
+          @serializer.load(::Base64.strict_decode64(data))
+        rescue ArgumentError
+          raise InvalidSignature
+        end
      else
        raise InvalidSignature
      end
--- a/activesupport/test/message_encryptor_test.rb
+++ b/activesupport/test/message_encryptor_test.rb
@ -66,6 +66,17 @@ class MessageEncryptorTest < ActiveSupport::TestCase
    ActiveSupport.use_standard_json_time_format = prev
  end

+  def test_message_obeys_strict_encoding
+    bad_encoding_characters = "\n!@#"
+    message, iv = @encryptor.encrypt_and_sign("This is a very \n\nhumble string"+bad_encoding_characters)
+
+    assert_not_decrypted("#{::Base64.encode64 message.to_s}--#{::Base64.encode64 iv.to_s}")
+    assert_not_verified("#{::Base64.encode64 message.to_s}--#{::Base64.encode64 iv.to_s}")
+
+    assert_not_decrypted([iv,  message] * bad_encoding_characters)
+    assert_not_verified([iv,  message] * bad_encoding_characters)
+  end
+
  private

  def assert_not_decrypted(value)
@ -81,7 +92,7 @@ class MessageEncryptorTest < ActiveSupport::TestCase
  end

  def munge(base64_string)
-    bits = ::Base64.decode64(base64_string)
+    bits = ::Base64.strict_decode64(base64_string)
    bits.reverse!
    ::Base64.strict_encode64(bits)
  end