padding byte of 0x00 isn't valid

author: Jesse Luehrs <doy@tozt.net> 2015-03-28 03:10:42 -0400
committer: Jesse Luehrs <doy@tozt.net> 2015-03-28 03:10:42 -0400
commit: cf487bb3c09d4e0532bd452ad3aa5eb292b176ba (patch)
tree: 7c5b42f3a9f464c5d0b628795e4159dee4b59f4b
parent: f0af2c1b75c366b228925a8b88cf3bf19066dc41 (diff)
download: matasano-cf487bb3c09d4e0532bd452ad3aa5eb292b176ba.tar.gz
matasano-cf487bb3c09d4e0532bd452ad3aa5eb292b176ba.zip
2 files changed, 5 insertions, 1 deletions
diff --git a/src/primitives.rs b/src/primitives.rs
index fabbce4..fb80a79 100644
--- a/src/primitives.rs
+++ b/src/primitives.rs
@@ -35,7 +35,7 @@ pub fn pad_pkcs7 (block: &[u8], blocksize: u8) -> Vec<u8> {
 pub fn unpad_pkcs7 (block: &[u8]) -> Option<&[u8]> {
     let padding_byte = block[block.len() - 1];
     let padding_len = padding_byte as usize;
-    if padding_len > block.len() {
+    if padding_len > block.len() || padding_len == 0 {
         return None;
     }
 
diff --git a/tests/lib.rs b/tests/lib.rs
index 3dbfa55..4ebeebf 100644
--- a/tests/lib.rs
+++ b/tests/lib.rs
@@ -298,6 +298,10 @@ fn problem_15 () {
         None
     );
     assert_eq!(
+        matasano::unpad_pkcs7(b"ICE ICE BABY\x00"),
+        None
+    );
+    assert_eq!(
         matasano::unpad_pkcs7(b"\x04\x04\x04\x04"),
         Some(&b""[..])
     );
author	Jesse Luehrs <doy@tozt.net>	2015-03-28 03:10:42 -0400
committer	Jesse Luehrs <doy@tozt.net>	2015-03-28 03:10:42 -0400
commit	cf487bb3c09d4e0532bd452ad3aa5eb292b176ba (patch)
tree	7c5b42f3a9f464c5d0b628795e4159dee4b59f4b
parent	f0af2c1b75c366b228925a8b88cf3bf19066dc41 (diff)
download	matasano-cf487bb3c09d4e0532bd452ad3aa5eb292b176ba.tar.gz matasano-cf487bb3c09d4e0532bd452ad3aa5eb292b176ba.zip