Skip to content

Commit

Permalink
don't die when data is not valid base64
Browse files Browse the repository at this point in the history
  • Loading branch information
@dvv
dvv committed Mar 13, 2013
1 parent b030df5 commit b35211d
Showing 1 changed file with 10 additions and 1 deletion.
11 changes: 10 additions & 1 deletion src/termit.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,13 @@ decode_base64(undefined, _, _) ->
{error, forged};

decode_base64(Bin, Secret, Ttl) when is_binary(Bin) ->
decode(base64:decode(Bin), Secret, Ttl).
% do not rely cookie was set by us -- it may be not a valid base64
try base64:decode(Bin) of
Decoded ->
decode(Decoded, Secret, Ttl)
catch _:_ ->
{error, forged}
end.

%%
%% -----------------------------------------------------------------------------
Expand Down Expand Up @@ -171,4 +177,7 @@ encode64_test() ->
?assertEqual({ok, Term}, decode_base64(encode_base64(Term, Secret), Secret, 1)),
?assertEqual({error, expired}, decode_base64(encode_base64(Term, Secret), Secret, 0)).

decode64_test() ->
?assertEqual({error, forged}, decode_base64(<<"%3A">>, a, b)).

-endif.

0 comments on commit b35211d

Please sign in to comment.