Bug #6280
closedOptimization #7065: base64: move the decoder to rust
base64: strict mode should only accept strings that can be reliably converted back
Description
A string such as D=aB is invalid and should be rejected by the parser.
More strings that should be rejected from the conversation on https://github.com/OISF/suricata/pull/11195 thanks to catenacyber ====
@X===D=
SB Updated by Shivani Bhardwaj almost 2 years ago
- Target version changed from TBD to 8.0.0-beta1
This needs a decision. Our parser would accept such a string in all modes as the string does not have any non base64 alphabet. On popular base64 decoders as well such a string is accepted but it is rejected by some parsers like Python's base64 library as it is incorrect to have padding bytes in the middle of a string.
SB Updated by Shivani Bhardwaj almost 2 years ago
@Philippe Antoine what do you think about this issue?
PA Updated by Philippe Antoine almost 2 years ago
Should be rejected in strict mode, not in others if it is accepted by popular base64 decoders
SB Updated by Shivani Bhardwaj almost 2 years ago ยท Edited
- Status changed from Assigned to In Review
Closed by: https://github.com/OISF/suricata/pull/11802
SB Updated by Shivani Bhardwaj almost 2 years ago
- Subject changed from base64: don't accept = in the middle of a string to base64: strict mode should only accept strings that can be reliably converted back
SB Updated by Shivani Bhardwaj almost 2 years ago
- Description updated (diff)
SB Updated by Shivani Bhardwaj almost 2 years ago
- Related to Task #7058: fuzz/base64: check decoded strings for correctness in strict mode added
SB Updated by Shivani Bhardwaj almost 2 years ago
- Parent task set to #7065
SB Updated by Shivani Bhardwaj over 1 year ago
- Status changed from In Review to Closed