From 42d0cc85f7db65f46cc32226e324b848d09fd364 Mon Sep 17 00:00:00 2001 From: Karel Miko Date: Tue, 27 Feb 2018 00:57:03 +0100 Subject: [PATCH] bug: decode_b58b + invalid input MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Petr Písař: Ported from: commit 34a3f543cc55e8f329b96b4311b85d63c30cf119 Author: Karel Miko Date: Tue Feb 27 00:57:03 2018 +0100 bug: decode_b58b + invalid input Signed-off-by: Petr Písař --- lib/Crypt/Misc.pm | 2 +- t/crypt-misc.t | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/Crypt/Misc.pm b/lib/Crypt/Misc.pm index 167fbba..9bd0223 100644 --- a/lib/Crypt/Misc.pm +++ b/lib/Crypt/Misc.pm @@ -80,7 +80,7 @@ sub _decode_b58 { my $default = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuv"; if (defined $alphabet) { - return undef if $alphabet !~ /^[a-zA-Z0-9]{58}$/; + return undef if $alphabet !~ /^[a-zA-Z0-9]{58}$/ || $base58 !~ /^[$alphabet]+$/; eval "\$base58 =~ tr/$alphabet/$default/"; # HACK: https://stackoverflow.com/questions/11415045/using-a-char-variable-in-tr return undef if $@; } diff --git a/t/crypt-misc.t b/t/crypt-misc.t index 46fe739..d8892f3 100644 --- a/t/crypt-misc.t +++ b/t/crypt-misc.t @@ -1,6 +1,6 @@ use strict; use warnings; -use Test::More tests => 679; +use Test::More tests => 680; use Crypt::Misc qw( encode_b64 decode_b64 encode_b64u decode_b64u @@ -142,4 +142,6 @@ for my $h (@hex) { is(unpack("H*", decode_b32b(encode_b32b($b))), $h); is(unpack("H*", decode_b32z(encode_b32z($b))), $h); is(unpack("H*", decode_b32c(encode_b32c($b))), $h); -} \ No newline at end of file +} + +is(decode_b58b("111OIl0"), undef, "bug: decode_b58b + invalid input"); -- 2.13.6