AK+Everywhere: Make Base64 decoding fallible

author: Ben Wiederhake <BenWiederhake.GitHub@gmx.de> 2021-10-23 15:43:59 +0200
committer: Linus Groh <mail@linusgroh.de> 2021-10-23 19:16:40 +0100
commit: cb868cfa41072e08987e1c32f117483445ba197d (patch)
tree: 89660af33860e44523b81ef66fbf375f6533eb57 /Userland/Libraries/LibWeb
parent: 3bf1f7ae874918365acedc3d511b60b066b9d4aa (diff)
download: serenity-cb868cfa41072e08987e1c32f117483445ba197d.zip
2 files changed, 16 insertions, 4 deletions
diff --git a/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp b/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp
index c2073534b2..3de8c06233 100644
--- a/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp
+++ b/Userland/Libraries/LibWeb/Bindings/WindowObject.cpp
@@ -386,11 +386,15 @@ JS_DEFINE_OLD_NATIVE_FUNCTION(WindowObject::atob)
     }
     auto string = TRY_OR_DISCARD(vm.argument(0).to_string(global_object));
     auto decoded = decode_base64(StringView(string));
+    if (!decoded.has_value()) {
+        vm.throw_exception<JS::TypeError>(global_object, JS::ErrorType::InvalidFormat, "Base64");
+        return {};
+    }
 
     // decode_base64() returns a byte string. LibJS uses UTF-8 for strings. Use Latin1Decoder to convert bytes 128-255 to UTF-8.
     auto decoder = TextCodec::decoder_for("windows-1252");
     VERIFY(decoder);
-    return JS::js_string(vm, decoder->to_utf8(decoded));
+    return JS::js_string(vm, decoder->to_utf8(decoded.value()));
 }
 
 JS_DEFINE_OLD_NATIVE_FUNCTION(WindowObject::btoa)
diff --git a/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp b/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp
index 02ba6d19b0..1c2bb06208 100644
--- a/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp
+++ b/Userland/Libraries/LibWeb/Loader/ResourceLoader.cpp
@@ -153,10 +153,18 @@ void ResourceLoader::load(LoadRequest& request, Function<void(ReadonlyBytes, con
             url.data_payload());
 
         ByteBuffer data;
-        if (url.data_payload_is_base64())
-            data = decode_base64(url.data_payload());
-        else
+        if (url.data_payload_is_base64()) {
+            auto data_maybe = decode_base64(url.data_payload());
+            if (!data_maybe.has_value()) {
+                auto error_message = "Base64 data contains an invalid character"sv;
+                log_failure(request, error_message);
+                error_callback(error_message, {});
+                return;
+            }
+            data = data_maybe.value();
+        } else {
             data = url.data_payload().to_byte_buffer();
+        }
 
         log_success(request);
         deferred_invoke([data = move(data), success_callback = move(success_callback)] {
author	Ben Wiederhake <BenWiederhake.GitHub@gmx.de>	2021-10-23 15:43:59 +0200
committer	Linus Groh <mail@linusgroh.de>	2021-10-23 19:16:40 +0100
commit	cb868cfa41072e08987e1c32f117483445ba197d (patch)
tree	89660af33860e44523b81ef66fbf375f6533eb57 /Userland/Libraries/LibWeb
parent	3bf1f7ae874918365acedc3d511b60b066b9d4aa (diff)
download	serenity-cb868cfa41072e08987e1c32f117483445ba197d.zip