jsDecodeBase64 fails to reject short encodings - Githubissues

endojs / endo

Endo is a distributed secure JavaScript sandbox, based on SES

Apache License 2.0

804 stars 71 forks source link

jsDecodeBase64 fails to reject short encodings #1990

Closed gibson042 closed 7 months ago

gibson042 commented 8 months ago

Describe the bug

jsDecodeBase64 incorrectly accepts short encodings that leave bits hanging in the register, and the incorrectness is visible in Node.js.

Steps to reproduce

$ node --input-type=module -e '
  import "@endo/init";
  import { decodeBase64 } from "@endo/base64";
  console.log(decodeBase64("Z"));
  console.log(decodeBase64("V1RGZ"));
'

Expected behavior

An error.

Actual behavior

Uint8Array(0) []
Uint8Array(3) [ 87, 84, 70 ]