r4sas/py-i2phosts
1
0
Fork 0
mirror of https://github.com/r4sas/py-i2phosts synced 2025-01-29 16:04:15 +00:00
Code Issues Releases Wiki Activity

web/lib/validation.py: add base64-validity check

Browse Source 
Base 64 hash shouldn't require more than 2 pad chars to be divided to 4
without leftover.
This commit is contained in:
Hidden Z 2010-10-21 18:44:02 +00:00
parent 2b535dbf2b
commit bb2582c62c
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
web/lib/validation.py
View File

@ -53,6 +53,20 @@ def validate_b64hash(data, check_uniq=True):
# keys with cert may ends with anything, so check is relaxed
if length > 516 and re.match(r'[a-zA-Z0-9\-~]+$', data) == None:
raise forms.ValidationError('Invalid characters in base64 hash')
# base64-validity test
if length > 516:
# we need temporary variable here to avoid modifying main "data"
test_data = data
# add pad-characters needed for proper decoding cos i2p does not
for i in range(4):
quanta, leftover = divmod(len(test_data), 4)
if leftover:
test_data += '='
else:
break
# if more than 2 pad chars were added, raise an error
if i > 2:
raise forms.ValidationError('Corrupted base64 hash')
# base64-i2p
if length == 516 and re.match(r'[a-zA-Z0-9\-~]+AA$', data) == None:
raise forms.ValidationError('Invalid base64 hash')