From 15130caa8d3f4650d383647050ce918de728bc53 Mon Sep 17 00:00:00 2001 From: Derek Jones Date: Mon, 28 Jan 2008 15:54:45 +0000 Subject: * Added valid_base64() to the Validation class * Tightened up validation of the supplied string given to the decode() method of the Encryption class (#3320) --- system/libraries/Encrypt.php | 28 +++++++++++++++++++++------- system/libraries/Validation.php | 17 +++++++++++++++++ 2 files changed, 38 insertions(+), 7 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php index b533c0438..48f9d3e51 100644 --- a/system/libraries/Encrypt.php +++ b/system/libraries/Encrypt.php @@ -27,7 +27,8 @@ * @link http://codeigniter.com/user_guide/libraries/encryption.html */ class CI_Encrypt { - + + var $CI; var $encryption_key = ''; var $_hash_type = 'sha1'; var $_mcrypt_exists = FALSE; @@ -42,6 +43,7 @@ class CI_Encrypt { */ function CI_Encrypt() { + $this->CI =& get_instance(); $this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE; log_message('debug', "Encrypt Class Initialized"); } @@ -138,16 +140,22 @@ class CI_Encrypt { function decode($string, $key = '') { $key = $this->get_key($key); - $dec = base64_decode($string); - if ($dec === FALSE) - { - return FALSE; - } + $this->CI->load->library('validation'); + if ($this->CI->validation->valid_base64($string) === FALSE) + { + return FALSE; + } + + $dec = base64_decode($string); + if ($this->_mcrypt_exists === TRUE) { - $dec = $this->mcrypt_decode($dec, $key); + if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE) + { + return FALSE; + } } return $this->_xor_decode($dec, $key); @@ -266,6 +274,12 @@ class CI_Encrypt { { $data = $this->_remove_cipher_noise($data, $key); $init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode()); + + if ($init_size > strlen($data)) + { + return FALSE; + } + $init_vect = substr($data, 0, $init_size); $data = substr($data, $init_size); return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0"); diff --git a/system/libraries/Validation.php b/system/libraries/Validation.php index 162d362da..7720a7d17 100644 --- a/system/libraries/Validation.php +++ b/system/libraries/Validation.php @@ -572,6 +572,23 @@ class CI_Validation { // -------------------------------------------------------------------- + /** + * Valid Base64 + * + * Tests a string for characters outside of the Base64 alphabet + * as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045 + * + * @access public + * @param string + * @return bool + */ + function valid_base64($str) + { + return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str); + } + + // -------------------------------------------------------------------- + /** * Set Select * -- cgit v1.2.3-24-g4f1b