Fix #72152: base64_decode should reject NUL in strict mode

[Metabolix]

https://bugs.php.net/bug.php?id=72152

The documentation for base64_decode parameter $strict says, "Returns FALSE if input contains character from outside the base64 alphabet." This should apply to NUL bytes as well.

[nikic]

Shouldn't we just drop the \0 check at the top? Even in non-strict mode the NUL byte should simply be ignored.

[Metabolix]

That's true, I've updated the PR.

[nikic]

With this change ext/standard/tests/url/bug55273.phpt on Travis fails with

006+ bool(false)
006- string(2) "PH"
009+ bool(false)
009- string(1) "P"

This is probably related to the contents in the ch == base64_pad branch ... which look pretty fishy to me. E.g. it increments current in one loop while not also decrementing the length :/

[Metabolix]

Whoops. Would you prefer going back to my original fix or revising the whole thing?

[Metabolix]

The aforementioned padding branch doesn't even handle the length correctly but instead loops through all whitespace, possibly causing past-the-end access.

I opted for the rewrite, which actually revealed various other problems. I'll start a discussion on the mailing list, let's see how it goes.

[Metabolix]

Submitted another approach as PR 1923.