[Libwebsockets] Issue with lws_b64_decode_string in some cases - what's wrong ?
andy at warmcat.com
Wed Aug 3 21:26:22 CEST 2016
On Wed, 2016-08-03 at 14:40 +0000, Shmuel Weiss wrote:
> Hi Andy,
> Strange issue with lws_b64_decode_string:
> Look at this Authorization field into an HTTP header “Basic
> After decrypt using lws_b64_decode_string I got: ”Admin:kloikloi,”
> This should be ”Admin:kloikloi” without the comma at the end. (you
> can check with https://www.base64decode.org/)
> Can you please check ? (I have compiled the code for arm on BBB
> 32bits using gcc4.9 linaro)
> This problem is not reproducible with all the strings, just in some
> cases I am getting an extra character.
> IN this example, I am getting always this extra character.
> My code:
> static char login;
> std::string login_field=”QWRtaW46a2xvaWtsb2k=”;
> int n =
You're right, it's a bug. Ws handshake never hits it because the
lengths are fixed and not one it fails on, and since it's only a
problem in decode, nor does lws other b64 use in proxy auth generation
which uses encode. So it's been hiding there a while.
I added the worked example from the wikipedia page to the selftest
code, along with the fix here
or just update to current master to get it.
> I am using v2.0.0-91-gaf0b051 of libwebsockets
> This mail was sent via Mail-SeCure System.
> Libwebsockets mailing list
> Libwebsockets at ml.libwebsockets.org
More information about the Libwebsockets