From 15130caa8d3f4650d383647050ce918de728bc53 Mon Sep 17 00:00:00 2001
From: Derek Jones <derek.jones@ellislab.com>
Date: Mon, 28 Jan 2008 15:54:45 +0000
Subject: * Added valid_base64() to the Validation class * Tightened up
 validation of the supplied string given to the decode() method of the
 Encryption class (#3320)

---
 system/libraries/Encrypt.php         | 28 +++++++++++++++++++++-------
 system/libraries/Validation.php      | 17 +++++++++++++++++
 user_guide/changelog.html            |  1 +
 user_guide/libraries/validation.html |  6 ++++++
 4 files changed, 45 insertions(+), 7 deletions(-)

diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index b533c0438..48f9d3e51 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -27,7 +27,8 @@
  * @link		http://codeigniter.com/user_guide/libraries/encryption.html
  */
 class CI_Encrypt {
-
+	
+	var $CI;
 	var $encryption_key	= '';
 	var $_hash_type	= 'sha1';
 	var $_mcrypt_exists = FALSE;
@@ -42,6 +43,7 @@ class CI_Encrypt {
 	 */
 	function CI_Encrypt()
 	{
+		$this->CI =& get_instance();
 		$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
 		log_message('debug', "Encrypt Class Initialized");
 	}
@@ -138,16 +140,22 @@ class CI_Encrypt {
 	function decode($string, $key = '')
 	{
 		$key = $this->get_key($key);
-		$dec = base64_decode($string);
 		
-		 if ($dec === FALSE)
-		 {
-		 	return FALSE;
-		 }
+		$this->CI->load->library('validation');
 		
+		if ($this->CI->validation->valid_base64($string) === FALSE)
+		{
+			return FALSE;
+		}
+
+		$dec = base64_decode($string);
+
 		if ($this->_mcrypt_exists === TRUE)
 		{
-			$dec = $this->mcrypt_decode($dec, $key);
+			if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
+			{
+				return FALSE;
+			}
 		}
 		
 		return $this->_xor_decode($dec, $key);
@@ -266,6 +274,12 @@ class CI_Encrypt {
 	{
 		$data = $this->_remove_cipher_noise($data, $key);
 		$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
+		
+		if ($init_size > strlen($data))
+		{
+			return FALSE;
+		}
+		
 		$init_vect = substr($data, 0, $init_size);
 		$data = substr($data, $init_size);
 		return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
diff --git a/system/libraries/Validation.php b/system/libraries/Validation.php
index 162d362da..7720a7d17 100644
--- a/system/libraries/Validation.php
+++ b/system/libraries/Validation.php
@@ -572,6 +572,23 @@ class CI_Validation {
 	
 	// --------------------------------------------------------------------
 	
+	/**
+	 * Valid Base64
+	 *
+	 * Tests a string for characters outside of the Base64 alphabet
+	 * as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045
+	 *
+	 * @access	public
+	 * @param	string
+	 * @return	bool
+	 */
+	function valid_base64($str)
+	{
+		return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
+	}
+
+	// --------------------------------------------------------------------
+	
 	/**
 	 * Set Select
 	 *
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index b55de6278..c9d26844e 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -116,6 +116,7 @@ Change Log
 			<li>Added a language entry for valid_ip validation error.</li>
 		    <li>Modified prep_for_form() in the Validation class to accept arrays, adding support for POST array validation (via callbacks only)</li>
 		    <li>Added an &quot;integer&quot; rule into the <a href="./libraries/validation.html">Validation</a> library.</li>
+			<li>Added valid_base64() to the Validation library.</li>
 		    <li>Changed the behaviour of custom callbacks so that they no longer trigger the &quot;required&quot; rule. </li>
 			<li>Modified Upload class $_FILES error messages to be more precise.</li>
 			<li>Moved the safe mode and auth checks for the Email library into the constructor. </li>
diff --git a/user_guide/libraries/validation.html b/user_guide/libraries/validation.html
index f9cac856b..facd1a583 100644
--- a/user_guide/libraries/validation.html
+++ b/user_guide/libraries/validation.html
@@ -602,6 +602,12 @@ For example, your "username" error will be available at:<br /><dfn>$this->valida
 <td class="td">Returns FALSE if the supplied IP is not valid.</td>
 <td class="td">&nbsp;</td>
 </tr>
+<tr>
+    <td class="td"><strong>valid_base64</strong></td>
+    <td class="td">No</td>
+    <td class="td">Returns FALSE if the supplied string contains anything other than valid Base64 characters.</td>
+    <td class="td">&nbsp;</td>
+</tr>
 </table>
 
 <p><strong>Note:</strong> These rules can also be called as discreet functions. For example:</p>
-- 
cgit v1.2.3-24-g4f1b