Require strict base64 in data URI

As the tests already show, the data URI wrapper is supposed to fail
for corrupt input, but for some reason, one case of invalid input is
still allowed to pass?! Strict base64 makes a lot more sense here.
Also, Chromium and Firefox fail on invalid base64, so it's a logical
choice for PHP as well.

diff --git a/ext/standard/tests/file/stream_rfc2397_006.phpt b/ext/standard/tests/file/stream_rfc2397_006.phpt
index e6694a2861628d93ac61940fd712766892a3836f..f6616a0c886a7a14df7cee1bc0c8ed3aa97e90ad 100644 (file)
--- a/ext/standard/tests/file/stream_rfc2397_006.phpt
+++ b/ext/standard/tests/file/stream_rfc2397_006.phpt
@@ -26,7 +26,9 @@ NULL
 
 Warning: file_get_contents() expects parameter 1 to be a valid path, string given in %s line %d
 NULL
-string(13) "foobar foobar"
+
+Warning: file_get_contents(data:;base64,#Zm9vYmFyIGZvb2Jhcg==): failed to open stream: rfc2397: unable to decode in %sstream_rfc2397_006.php on line %d
+bool(false)
 
 Warning: file_get_contents(data:;base64,#Zm9vYmFyIGZvb2Jhc=): failed to open stream: rfc2397: unable to decode in %sstream_rfc2397_006.php on line %d
 bool(false)

diff --git a/main/streams/memory.c b/main/streams/memory.c
index afa45c3968559a420f676c660158efa204be2cb1..a1af61e3f0b4cc5f97ba94ade212288150b92a4c 100644 (file)
--- a/main/streams/memory.c
+++ b/main/streams/memory.c
@@ -720,7 +720,7 @@ static php_stream * php_stream_url_wrap_rfc2397(php_stream_wrapper *wrapper, con
        dlen--;
 
        if (base64) {
-               base64_comma = php_base64_decode((const unsigned char *)comma, dlen);
+               base64_comma = php_base64_decode_ex((const unsigned char *)comma, dlen, 1);
                if (!base64_comma) {
                        zval_ptr_dtor(&meta);
                        php_stream_wrapper_log_error(wrapper, options, "rfc2397: unable to decode");