Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/7.0] Base64.Decode: fixed latent bug for non-ASCII inputs #76812

Merged
merged 4 commits into from
Oct 10, 2022
Merged

[release/7.0] Base64.Decode: fixed latent bug for non-ASCII inputs #76812

merged 4 commits into from
Oct 10, 2022
+19 −1

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Oct 10, 2022
edited by carlossanlop
Loading

Backport of #76795 to release/7.0

/cc @adamsitnik @gfoidl

Customer Impact

.NET 6 and earlier didn't have this bug. Without that fix in .NET 7 Base64.Decode has a bug in the recognization of non-ASCII / non-Base64 characters that leads to decoding of invalid data -- especially in the case of decoding via buffer-chains where up to consumed / written it should be assumed the data is valid. With the bug, this constraint is violated, meaning that customers could operate on invalid data.
As Base64 is used for e.g. security tokens too, that could be also a security hole.

Testing

Unit tests got added to repro the faulty behavior, and to ensure that the fix works.
Also manual debugging in a console app, to see where the bug originated.
The input values, which are added in the unit tests, are obtained by a fuzz-test run by me via sharpfuzz.

Risk

Low. The bug got introduced in the .NET 7 timeframe and wasn't there in .NET 6 and previous versions.
The additional bitwise and, that fixes the bug, is negligible perf-wise.

IMPORTANT: Is this backport for a servicing release? If so and this change touches code that ships in a NuGet package, please make certain that you have added any necessary package authoring and gotten it explicitly reviewed.

@dotnet-issue-labeler
Copy link

I couldn't figure out the best area label to add to this PR. If you have write-permissions please help me learn by adding exactly one area label.

@carlossanlop
Copy link
Member

@adamsitnik if this is ready, please fill out the template, add the servicing-consider label, and send an email to Tactics requesting approval. Reminder that today is snap day for GA.

@ghost
Copy link

ghost commented Oct 10, 2022

Tagging subscribers to this area: @dotnet/area-system-memory
See info in area-owners.md if you want to be subscribed.

Issue Details

Backport of #76795 to release/7.0

/cc @adamsitnik @gfoidl

Customer Impact

Testing

Risk

IMPORTANT: Is this backport for a servicing release? If so and this change touches code that ships in a NuGet package, please make certain that you have added any necessary package authoring and gotten it explicitly reviewed.

Author: github-actions[bot]
Assignees: adamsitnik
Labels:

area-System.Memory
Milestone: -

@carlossanlop
Copy link
Member

@gfoidl based on your knowledge of the main PR, do you mind helping answer these 3 items from the template?

  • Customer Impact
  • Testing
  • Risk

@gfoidl
Copy link
Member

gfoidl commented Oct 10, 2022

Is this sufficient?

Customer Impact

.NET 6 and earlier didn't have this bug. Without that fix in .NET 7 Base64.Decode has a bug in the recognization of non-ASCII / non-Base64 characters that leads to decoding of invalid data -- especially in the case of decoding via buffer-chains where up to consumed / written it should be assumed the data is valid. With the bug, this constraint is violated, meaning that customers could operate on invalid data.
As Base64 is used for e.g. security tokens too, that could be also a security hole.

Testing

Unit tests got added to repro the faulty behavior, and to ensure that the fix works.
Also manual debugging in a console app, to see where the bug originated.
The input values, which are added in the unit tests, are obtained by a fuzz-test run by me via sharpfuzz.

Risk

None I could see. The bug got introduced in the .NET 7 timeframe and wasn't there in .NET 6 and previous versions.
The additional bitwise and, that fixes the bug, is negligible perf-wise.

@carlossanlop
Copy link
Member

Thanks @gfoidl ! I'll copy it into the main description. I just changed the risk to "Low".

@carlossanlop carlossanlop added Servicing-consider Issue for next servicing release review Servicing-approved Approved for servicing release and removed Servicing-consider Issue for next servicing release review labels Oct 10, 2022
@carlossanlop
Copy link
Member

Approved by Tactics via email. @tannergooding all I need is a sign-off.

@carlossanlop
Copy link
Member

:shipit:

@carlossanlop carlossanlop merged commit 039b28e into release/7.0 Oct 10, 2022
@carlossanlop carlossanlop deleted the backport/pr-76795-to-release/7.0 branch October 10, 2022 19:15
@adamsitnik adamsitnik added this to the 7.0.0 milestone Oct 11, 2022
@ghost ghost locked as resolved and limited conversation to collaborators Nov 10, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tannergooding tannergooding tannergooding approved these changes

@jeffhandley jeffhandley Awaiting requested review from jeffhandley

@adamsitnik adamsitnik Awaiting requested review from adamsitnik

Assignees

@adamsitnik adamsitnik

Labels
area-System.Memory Servicing-approved Approved for servicing release
Projects
None yet
Milestone
7.0.0
Development

Successfully merging this pull request may close these issues.
4 participants
@carlossanlop @gfoidl @tannergooding @adamsitnik