@@ -25,6 +25,17 @@ static const std::vector<char> alphabet = {

 namespace

 {

+class invalid_input_size : public std::exception

+{

+private:

+    using string_size = std::string::size_type;

+public:

+    string_size received_size;

+    invalid_input_size(string_size received_size) :

+        received_size (received_size)

+    {}

+};

+

 class base32_impl : public base32_ifc

 {

 private:

@@ -165,11 +176,16 @@ private:

         std::string::size_type input_size = input.size();

         std::string::size_type first_equals = input.find_first_of ('=');

+        if (input_size == 0 || (input_size % 8 != 0)) {

+            throw invalid_input_size(input_size);

+        }

+

         if (first_equals != std::string::npos) {

             input_size = first_equals;

         }

         return (input_size * 5) / 8;

+

     }

 public:

@@ -64,8 +64,13 @@ int decode_validates_input()

     // The token for key 76I6WTYEUTNCJUREMGKVM45PMA and time '2017/01/01 00:00:00' is 258675

     base32 codec = base32();

-    std::vector<uint8_t> result = codec.decode("\x00");

-    check(result.empty(), "invalid input doesn't produce an empty result");

+    try {

+        codec.decode("\x00");

+        codec.decode("\x00\x00\x00\x00\x00\x00\x00\x00\x00");

+        fail("invalid length should result in an exception");

+    } catch (std::exception e) {

+        succeed();

+    }

     succeed();

 }

@@ -122,7 +122,7 @@ int installs_token()

 {

     //given

     std::string user_name ("user");

-    std::string key ("thekey");

+    std::string key ("thekeyis");

     std::string token ("thetoken");

     auto  test_tokens = std::make_shared<mock_tokens> (key);

     tokens tokens{test_tokens};

@@ -238,4 +238,3 @@ int main (int argc, char *argv[])

 {

     return !run_tests();

 }

-