I was looking at http_auth.c, function base64_decode, and found that in the base64_reverse_table there is one row missing, there are 15 rows (16 x 15) instead of 16. I know it's not likely that a character greater or equal 239 appears in the string to be decoded... but I just wanted to say :).
Great webserver! :)
Fix base64 decoding in mod_auth (#1757, thx guido)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2315 152afb58-edef-0310-8abb-c4023f1b3aa9
Updated by stbuehler over 10 years ago
- Status changed from New to Assigned
Yes, you are right. Shouldn't be a real problem, because if the encoded string contains such characters it is broken anyway, but we should ignore the broken characters according to the RFC.
I already have a patch, but i guess i will keep it for after 1.4.20.
Also available in: Atom