Problem:
We have some code that intends to return a friendly error if the first byte is base64 encoded:
|
/* Precondition: version and type must be the required values. */ |
|
needs( |
|
version === MessageFormat.V1 && type === 128, |
|
version === 65 && type === 89 |
|
? 'Malformed Header: This blob may be base64 encoded.' |
|
: 'Malformed Header.' |
|
needs( |
|
version === MessageFormat.V2, |
|
version === 65 |
|
? 'Malformed Header: This blob may be base64 encoded.' |
|
: 'Malformed Header.' |
However we can't ever get inside those statements because we first do a check at:
|
needs(deserializer, 'Not a supported message format version.') |
Solution:
Move the logic checking the expected first byte in Base64 before the branch that determines which version we're deserializing.
Out of scope:
n/a
Problem:
We have some code that intends to return a friendly error if the first byte is base64 encoded:
aws-encryption-sdk-javascript/modules/serialize/src/deserialize_header_v1.ts
Lines 88 to 93 in 43813f4
aws-encryption-sdk-javascript/modules/serialize/src/deserialize_header_v2.ts
Lines 92 to 96 in 43813f4
However we can't ever get inside those statements because we first do a check at:
aws-encryption-sdk-javascript/modules/serialize/src/deserialize_factory.ts
Line 74 in 43813f4
Solution:
Move the logic checking the expected first byte in Base64 before the branch that determines which version we're deserializing.
Out of scope:
n/a