* Added valid_base64() to the Validation class
* Tightened up validation of the supplied string given to the decode() method of the Encryption class (#3320)
diff --git a/system/libraries/Encrypt.php b/system/libraries/Encrypt.php
index b533c04..48f9d3e 100644
--- a/system/libraries/Encrypt.php
+++ b/system/libraries/Encrypt.php
@@ -27,7 +27,8 @@
* @link http://codeigniter.com/user_guide/libraries/encryption.html
*/
class CI_Encrypt {
-
+
+ var $CI;
var $encryption_key = '';
var $_hash_type = 'sha1';
var $_mcrypt_exists = FALSE;
@@ -42,6 +43,7 @@
*/
function CI_Encrypt()
{
+ $this->CI =& get_instance();
$this->_mcrypt_exists = ( ! function_exists('mcrypt_encrypt')) ? FALSE : TRUE;
log_message('debug', "Encrypt Class Initialized");
}
@@ -138,16 +140,22 @@
function decode($string, $key = '')
{
$key = $this->get_key($key);
+
+ $this->CI->load->library('validation');
+
+ if ($this->CI->validation->valid_base64($string) === FALSE)
+ {
+ return FALSE;
+ }
+
$dec = base64_decode($string);
-
- if ($dec === FALSE)
- {
- return FALSE;
- }
-
+
if ($this->_mcrypt_exists === TRUE)
{
- $dec = $this->mcrypt_decode($dec, $key);
+ if (($dec = $this->mcrypt_decode($dec, $key)) === FALSE)
+ {
+ return FALSE;
+ }
}
return $this->_xor_decode($dec, $key);
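Review bot: Passing valid_base64() only shows that `$string` uses the Base64 alphabet; nothing visible in this hunk checks that the ciphertext is authentic, so a well-formed but modified value still reaches mcrypt_decode()/_xor_decode() and comes back as a non-FALSE string. Callers should not read a non-FALSE return as proof that the data was produced with this key. I would say so above the check, e.g. `// Format check only: rejects non-Base64 input, does not detect tampering`. Separately, the Validation library is loaded on every decode() call; loading it once in the constructor next to get_instance() would keep decode() free of loader side effects. decode() ends outside the hunk.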
@@ -266,6 +274,12 @@
{
$data = $this->_remove_cipher_noise($data, $key);
$init_size = mcrypt_get_iv_size($this->_get_cipher(), $this->_get_mode());
+
+ if ($init_size > strlen($data))
+ {
+ return FALSE;
+ }
+
$init_vect = substr($data, 0, $init_size);
$data = substr($data, $init_size);
return rtrim(mcrypt_decrypt($this->_get_cipher(), $key, $data, $this->_get_mode(), $init_vect), "\0");
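Review bot: The new length guard uses `>`, so input whose length equals the IV size passes, and `substr($data, $init_size)` then yields an empty string (or FALSE on older PHP versions) that is handed to mcrypt_decrypt(). If a payload with no ciphertext after the IV is never valid, the guard should be `if ($init_size >= strlen($data))`. The function's signature and closing brace are outside the hunk, so I cannot see whether callers expect an empty result here.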
diff --git a/system/libraries/Validation.php b/system/libraries/Validation.php
index 162d362..7720a7d 100644
--- a/system/libraries/Validation.php
+++ b/system/libraries/Validation.php
@@ -573,6 +573,23 @@
// --------------------------------------------------------------------
/**
+ * Valid Base64
+ *
+ * Tests a string for characters outside of the Base64 alphabet
+ * as defined by RFC 2045 http://www.faqs.org/rfcs/rfc2045
+ *
+ * @access public
+ * @param string
+ * @return bool
+ */
+ function valid_base64($str)
+ {
+ return (bool) ! preg_match('/[^a-zA-Z0-9\/\+=]/', $str);
+ }
+
+ // --------------------------------------------------------------------
+
+ /**
* Set Select
*
* Enables pull-down lists to be set to the value the user
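Review bot: In valid_base64(), `(bool) ! preg_match(...)` treats a preg_match() failure as success: preg_match() returns FALSE on error (for example when `$str` is not a string), and `! FALSE` is TRUE, so the input is reported as valid. Comparing against zero closes that: `return is_string($str) && preg_match('/[^a-zA-Z0-9\/\+=]/', $str) === 0;`. The docblock should also state that only the alphabet is checked (length, padding position and the empty string are not), since decode() in Encrypt.php now relies on this as its input gate.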
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index b55de62..c9d2684 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -116,6 +116,7 @@
<li>Added a language entry for valid_ip validation error.</li>
<li>Modified prep_for_form() in the Validation class to accept arrays, adding support for POST array validation (via callbacks only)</li>
<li>Added an "integer" rule into the <a href="./libraries/validation.html">Validation</a> library.</li>
+ <li>Added valid_base64() to the Validation library.</li>
<li>Changed the behaviour of custom callbacks so that they no longer trigger the "required" rule. </li>
<li>Modified Upload class $_FILES error messages to be more precise.</li>
<li>Moved the safe mode and auth checks for the Email library into the constructor. </li>
diff --git a/user_guide/libraries/validation.html b/user_guide/libraries/validation.html
index f9cac85..facd1a5 100644
--- a/user_guide/libraries/validation.html
+++ b/user_guide/libraries/validation.html
@@ -602,6 +602,12 @@
<td class="td">Returns FALSE if the supplied IP is not valid.</td>
<td class="td"> </td>
</tr>
+<tr>
+ <td class="td"><strong>valid_base64</strong></td>
+ <td class="td">No</td>
+ <td class="td">Returns FALSE if the supplied string contains anything other than valid Base64 characters.</td>
+ <td class="td"> </td>
+</tr>
</table>
<p><strong>Note:</strong> These rules can also be called as discreet functions. For example:</p>