Created
November 12, 2011 17:07
-
-
Save knzm/1360823 to your computer and use it in GitHub Desktop.
blockdiag shorturl issue inspection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Flow analysis | |
| ============== | |
| in compress:: | |
| diagram = Base64.encodeURI('\x78\x9c' + RawDeflate.deflate(diagram) + adler32(diagram)); | |
| in decompress:: | |
| source = Base64.decode(source) | |
| source = Base64.utob(source); | |
| source = source.substring(2, source.length - 4); | |
| source = RawDeflate.inflate(source); | |
| source = Base64.btou(source); | |
| Data analysis | |
| ============== | |
| 1st inspection | |
| -------------- | |
| For some broken shorturl, it turns out ... | |
| :: | |
| >>> src = $("textarea").val() | |
| >>> RawDeflate.inflate(RawDeflate.deflate(src)) == src | |
| true | |
| :: | |
| (Javascript) | |
| >>> b4 = '\x8cc\xad\x81\xc2\xa6V\n.\x99' | |
| >>> $.map(b4, function(c, i){return b4.charCodeAt(i)}).join(" ") | |
| "140 99 173 129 194 166 86 10 46 153" | |
| >>> Base64.encodeURI(b4) | |
| "jGOtgcKmVgoumQ" | |
| >>> b5 = Base64.decode("jGOtgcKmVgoumQ") | |
| >>> $.map(b5, function(c, i){return b5.charCodeAt(i)}).join(" ") | |
| "140 99 173 129 166 86 10 46 153" | |
| >>> b6 = Base64.utob(b5) | |
| >>> $.map(b6, function(c, i){return b6.charCodeAt(i)}).join(" ") | |
| "140 99 173 129 166 86 10 46 153" | |
| :: | |
| (Python) | |
| >>> import base64 | |
| >>> b4 = '\x8cc\xad\x81\xc2\xa6V\n.\x99' | |
| >>> base64.b64encode(b4) | |
| 'jGOtgcKmVgoumQ==' | |
| It seems Base64.decode() is wrong. | |
| 2st inspection | |
| -------------- | |
| Base64.decode() is actually a function like this:: | |
| decode:function(a){ | |
| return btou(atob(a.replace(/[-_]/g, function(m0){ | |
| return m0 == '-' ? '+' : '/'; | |
| }))); | |
| } | |
| :: | |
| >>> b7 = atob("jGOtgcKmVgoumQ") | |
| >>> $.map(b7, function(c, i){return b7.charCodeAt(i)}).join(" ") | |
| "140 99 173 129 194 166 86 10 46 153" | |
| >>> b8 = Base64.btou(b7) | |
| >>> $.map(b8, function(c, i){return b8.charCodeAt(i)}).join(" ") | |
| "140 99 173 129 166 86 10 46 153" | |
| Base64.btou() is a function defined as:: | |
| var btou = function(bin){ | |
| return bin.replace(re_bytes_nonascii, sub_bytes_nonascii); | |
| }; | |
| and here are `re_bytes_nonascii` regex and `sub_bytes_nonascii` function:: | |
| var re_bytes_nonascii | |
| = /[\xC0-\xDF][\x80-\xBF]|[\xE0-\xEF][\x80-\xBF]{2}|[\xF0-\xF7][\x80-\xBF]{3}/g; | |
| var sub_bytes_nonascii = function(m){ | |
| var c0 = m.charCodeAt(0); | |
| var c1 = m.charCodeAt(1); | |
| if(c0 < 0xe0){ | |
| return String.fromCharCode(((c0 & 0x1f) << 6) | (c1 & 0x3f)); | |
| }else{ | |
| var c2 = m.charCodeAt(2); | |
| return String.fromCharCode( | |
| ((c0 & 0x0f) << 12) | ((c1 & 0x3f) << 6) | (c2 & 0x3f) | |
| ); | |
| } | |
| }; | |
| simplified case:: | |
| >>> s="\xc2\xa6" | |
| "¦" | |
| >>> s.replace(re_bytes_nonascii, sub_bytes_nonascii) | |
| "¦" | |
| >>> c0 = 0xc2 | |
| >>> c1 = 0xa6 | |
| >>> String.fromCharCode(((c0 & 0x1f) << 6) | (c1 & 0x3f)) | |
| "¦" | |
| Bingo! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment