# HG changeset patch
# User Sebastien Jodogne <s.jodogne@gmail.com>
# Date 1461308706 -7200
# Node ID 4b545a8b1f95e913da69f468ff65e019a3ab70ff
# Parent  ebce5f456b8ecfde0e07d2ce27622c05def3a070
return code in Toolbox::DecodeDataUriScheme

diff -r ebce5f456b8e -r 4b545a8b1f95 Core/Toolbox.cpp
--- a/Core/Toolbox.cpp	Fri Apr 22 08:57:33 2016 +0200
+++ b/Core/Toolbox.cpp	Fri Apr 22 09:05:06 2016 +0200
@@ -587,7 +587,7 @@
 
 
 #  if BOOST_HAS_REGEX == 1
-  void Toolbox::DecodeDataUriScheme(std::string& mime,
+  bool Toolbox::DecodeDataUriScheme(std::string& mime,
                                     std::string& content,
                                     const std::string& source)
   {
@@ -599,10 +599,11 @@
     {
       mime = what[1];
       DecodeBase64(content, what[2]);
+      return true;
     }
     else
     {
-      throw OrthancException(ErrorCode_BadFileFormat);
+      return false;
     }
   }
 #  endif
diff -r ebce5f456b8e -r 4b545a8b1f95 Core/Toolbox.h
--- a/Core/Toolbox.h	Fri Apr 22 08:57:33 2016 +0200
+++ b/Core/Toolbox.h	Fri Apr 22 09:05:06 2016 +0200
@@ -127,7 +127,7 @@
                       const std::string& data);
 
 #  if BOOST_HAS_REGEX == 1
-    void DecodeDataUriScheme(std::string& mime,
+    bool DecodeDataUriScheme(std::string& mime,
                              std::string& content,
                              const std::string& source);
 #  endif
diff -r ebce5f456b8e -r 4b545a8b1f95 OrthancServer/FromDcmtkBridge.cpp
--- a/OrthancServer/FromDcmtkBridge.cpp	Fri Apr 22 08:57:33 2016 +0200
+++ b/OrthancServer/FromDcmtkBridge.cpp	Fri Apr 22 09:05:06 2016 +0200
@@ -1264,7 +1264,11 @@
         boost::starts_with(utf8Value, "data:application/octet-stream;base64,"))
     {
       std::string mime;
-      Toolbox::DecodeDataUriScheme(mime, binary, utf8Value);
+      if (!Toolbox::DecodeDataUriScheme(mime, binary, utf8Value))
+      {
+        throw OrthancException(ErrorCode_BadFileFormat);
+      }
+
       decoded = &binary;
     }
     else if (dicomEncoding != Encoding_Utf8)
diff -r ebce5f456b8e -r 4b545a8b1f95 OrthancServer/ParsedDicomFile.cpp
--- a/OrthancServer/ParsedDicomFile.cpp	Fri Apr 22 08:57:33 2016 +0200
+++ b/OrthancServer/ParsedDicomFile.cpp	Fri Apr 22 09:05:06 2016 +0200
@@ -635,7 +635,11 @@
         boost::starts_with(utf8Value, "data:application/octet-stream;base64,"))
     {
       std::string mime;
-      Toolbox::DecodeDataUriScheme(mime, binary, utf8Value);
+      if (!Toolbox::DecodeDataUriScheme(mime, binary, utf8Value))
+      {
+        throw OrthancException(ErrorCode_BadFileFormat);
+      }
+
       decoded = &binary;
     }
     else
@@ -911,7 +915,11 @@
   void ParsedDicomFile::EmbedContent(const std::string& dataUriScheme)
   {
     std::string mime, content;
-    Toolbox::DecodeDataUriScheme(mime, content, dataUriScheme);
+    if (!Toolbox::DecodeDataUriScheme(mime, content, dataUriScheme))
+    {
+      throw OrthancException(ErrorCode_BadFileFormat);
+    }
+
     Toolbox::ToLowerCase(mime);
 
     if (mime == "image/png" ||
diff -r ebce5f456b8e -r 4b545a8b1f95 UnitTestsSources/FromDcmtkTests.cpp
--- a/UnitTestsSources/FromDcmtkTests.cpp	Fri Apr 22 08:57:33 2016 +0200
+++ b/UnitTestsSources/FromDcmtkTests.cpp	Fri Apr 22 09:05:06 2016 +0200
@@ -154,7 +154,7 @@
   std::string s = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==";
 
   std::string m, cc;
-  Toolbox::DecodeDataUriScheme(m, cc, s);
+  ASSERT_TRUE(Toolbox::DecodeDataUriScheme(m, cc, s));
 
   ASSERT_EQ("image/png", m);
 
@@ -566,7 +566,7 @@
   ASSERT_EQ("Some public tag", v["7050,1000"].asString());
   std::string mime, content;
   ASSERT_EQ(Json::stringValue, v["7053,1000"].type());
-  Toolbox::DecodeDataUriScheme(mime, content, v["7053,1000"].asString());
+  ASSERT_TRUE(Toolbox::DecodeDataUriScheme(mime, content, v["7053,1000"].asString()));
   ASSERT_EQ("application/octet-stream", mime);
   ASSERT_EQ("Some private tag", content);
 
@@ -587,7 +587,7 @@
   ASSERT_FALSE(v.isMember("7053,1000"));
   ASSERT_EQ("Some public tag", v["7050,1000"].asString());
   ASSERT_EQ(Json::stringValue, v["7052,1000"].type());
-  Toolbox::DecodeDataUriScheme(mime, content, v["7052,1000"].asString());
+  ASSERT_TRUE(Toolbox::DecodeDataUriScheme(mime, content, v["7052,1000"].asString()));
   ASSERT_EQ("application/octet-stream", mime);
   ASSERT_EQ("Some unknown tag", content);
 
@@ -633,7 +633,7 @@
   ASSERT_TRUE(v.isMember("7fe0,0010"));  
   ASSERT_EQ(Json::stringValue, v["7fe0,0010"].type());
   std::string mime, content;
-  Toolbox::DecodeDataUriScheme(mime, content, v["7fe0,0010"].asString());
+  ASSERT_TRUE(Toolbox::DecodeDataUriScheme(mime, content, v["7fe0,0010"].asString()));
   ASSERT_EQ("application/octet-stream", mime);
   ASSERT_EQ("Pixels", content);
 }
@@ -733,7 +733,7 @@
     dicom->ToJson(vv, DicomToJsonFormat_Human, static_cast<DicomToJsonFlags>(DicomToJsonFlags_IncludePixelData), 0);
 
     std::string mime, content;
-    Toolbox::DecodeDataUriScheme(mime, content, vv["PixelData"].asString());
+    ASSERT_TRUE(Toolbox::DecodeDataUriScheme(mime, content, vv["PixelData"].asString()));
     ASSERT_EQ("application/octet-stream", mime);
     ASSERT_EQ(5u * 5u * 3u /* the red dot is 5x5 pixels in RGB24 */ + 1 /* for padding */, content.size());
   }