🐛 Fix base64 _decode Double Padding Detection (#345)

### 🕓 Changelog

This PR fixes incorrect padding detection in the `base64` `_decode`
function. The logic incorrectly identified `/` or `_` (index `63`) as
the padding character instead of `=` (index `64`), and checked single
padding before double padding. This caused
[Base64](https://en.wikipedia.org/wiki/Base64) strings with `/` or `_`
in the third position (e.g. `AA/A` or `AA_A`) to be incorrectly
truncated, and strings with double padding (`==`) to be mishandled. This
patch corrects the index to `64`, reorders the conditional checks to
handle double padding before single padding, and adds an assertion to
reject invalid padding combinations. Since the `base64` contract is not
used in production, this bug poses _no_ security risk. Thanks to
@Leminkay for identifying this bug!

---------

Signed-off-by: Pascal Marco Caversaccio <pascal.caversaccio@hotmail.ch>

Author: pcaversaccio

.gas-snapshot

@@ -7,6 +7,11 @@
 - **Utility Functions**
   - [`eip7702_utils`](https://github.com/pcaversaccio/snekmate/blob/v0.1.3/src/snekmate/utils/eip7702_utils.vy): Add [EIP-7702](https://eips.ethereum.org/EIPS/eip-7702)-based utility functions. ([#335](https://github.com/pcaversaccio/snekmate/pull/335))
 
+### 🐛 Bug Fixes
+
+- **Utility Functions**
+  - [`base64`](https://github.com/pcaversaccio/snekmate/blob/v0.1.3/src/snekmate/utils/base64.vy): Fix `base64` `_decode` double padding detection. ([#345](https://github.com/pcaversaccio/snekmate/pull/345))
+
 ### 🔖 Release Management
 
 - Use trusted publishing for `npm` package. ([#341](https://github.com/pcaversaccio/snekmate/pull/341))

.gas-snapshot-venom

@@ -32,7 +32,7 @@
   "lib/openzeppelin-contracts": {
     "branch": {
       "name": "master",
-      "rev": "04e683b550b496bfbf471ed960b7feed25b47669"
+      "rev": "eb97fd3f153589bc4d7cd0c512956b18aa844cfd"
     }
   },
   "lib/prb-test": {

CHANGELOG.md

@@ -215,14 +215,15 @@ def _decode(data: String[_DATA_OUTPUT_BOUND], base64_url: bool) -> DynArray[Byte
             b2: bytes1 = convert(convert((chunk_bytes >> 8) & 255, uint8), bytes1)
             b3: bytes1 = convert(convert(chunk_bytes & 255, uint8), bytes1)
 
-            # Case 1: padding of "=" as part of the
+            # Case 1: padding of "==" as part of the
             # encoded input.
-            if c4 == 64:
-                result.append(concat(b1, b2, x"00"))
-            # Case 2: padding of "==" as part of the
-            # encoded input.
-            elif c3 == 63:
+            if c3 == 64:
+                assert c4 == 64, "base64: invalid padding"
                 result.append(concat(b1, x"0000"))
+            # Case 2: padding of "=" as part of the
+            # encoded input.
+            elif c4 == 64:
+                result.append(concat(b1, b2, x"00"))
             # Case 3: no padding as part of the encoded
             # input.
             else:
@@ -252,14 +253,15 @@ def _decode(data: String[_DATA_OUTPUT_BOUND], base64_url: bool) -> DynArray[Byte
             b2: bytes1 = convert(convert((chunk_bytes >> 8) & 255, uint8), bytes1)
             b3: bytes1 = convert(convert(chunk_bytes & 255, uint8), bytes1)
 
-            # Case 1: padding of "=" as part of the
+            # Case 1: padding of "==" as part of the
             # encoded input.
-            if c4 == 64:
-                result.append(concat(b1, b2, x"00"))
-            # Case 2: padding of "==" as part of the
-            # encoded input.
-            elif c3 == 63:
+            if c3 == 64:
+                assert c4 == 64, "base64: invalid padding"
                 result.append(concat(b1, x"0000"))
+            # Case 2: padding of "=" as part of the
+            # encoded input.
+            elif c4 == 64:
+                result.append(concat(b1, b2, x"00"))
             # Case 3: no padding as part of the encoded
             # input.
             else:

foundry.lock

@@ -208,11 +208,47 @@ contract Base64Test is PRBTest {
         assertEq(string(returnDataUrl), text);
     }
 
+    function testDecodeIndex63NotTreatedAsPadding() public {
+        string memory text1 = "AA/A";
+        string memory data1 = "QUEvQQ==";
+        bytes[] memory outputStd1 = base64.decode(data1, false);
+        bytes[] memory outputUrl1 = base64.decode(data1, true);
+        bytes memory returnDataStd1 = bytes.concat(outputStd1[0], outputStd1[1]);
+        bytes memory returnDataUrl1 = bytes.concat(outputUrl1[0], outputUrl1[1]);
+        /**
+         * @dev We remove the two trailing zero bytes that stem from
+         * the padding to ensure byte-level equality.
+         */
+        assertEq(string(returnDataStd1.slice(0, returnDataStd1.length - 2)), text1);
+        assertEq(string(returnDataUrl1.slice(0, returnDataUrl1.length - 2)), text1);
+
+        string memory text2 = "AA_A";
+        string memory data2 = "QUFfQQ==";
+        bytes[] memory outputStd2 = base64.decode(data2, false);
+        bytes[] memory outputUrl2 = base64.decode(data2, true);
+        bytes memory returnDataStd2 = bytes.concat(outputStd2[0], outputStd2[1]);
+        bytes memory returnDataUrl2 = bytes.concat(outputUrl2[0], outputUrl2[1]);
+        /**
+         * @dev We remove the two trailing zero bytes that stem from
+         * the padding to ensure byte-level equality.
+         */
+        assertEq(string(returnDataStd2.slice(0, returnDataStd2.length - 2)), text2);
+        assertEq(string(returnDataUrl2.slice(0, returnDataUrl2.length - 2)), text2);
+    }
+
     function testDataLengthMismatch() public {
         string memory data = "W11jI";
         vm.expectRevert(bytes("base64: length mismatch"));
         base64.decode(data, false);
         vm.expectRevert(bytes("base64: length mismatch"));
         base64.decode(data, true);
     }
+
+    function testInvalidPadding() public {
+        string memory data = "TQ=u";
+        vm.expectRevert(bytes("base64: invalid padding"));
+        base64.decode(data, false);
+        vm.expectRevert(bytes("base64: invalid padding"));
+        base64.decode(data, true);
+    }
 }