From bb2582c62cd42331cc348687569690394116977e Mon Sep 17 00:00:00 2001
From: Hidden Z
Date: Thu, 21 Oct 2010 18:44:02 +0000
Subject: [PATCH] web/lib/validation.py: add base64-validity check

Base 64 hash shouldn't require more than 2 pad chars to be divided to 4 without leftover.
---
 web/lib/validation.py | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/web/lib/validation.py b/web/lib/validation.py
index d821502..bb191c7 100644
--- web/lib/validation.py
+++ web/lib/validation.py
@@ -53,6 +53,20 @@ def validate_b64hash(data, check_uniq=True):
 # keys with cert may ends with anything, so check is relaxed
 if length > 516 and re.match(r'[a-zA-Z0-9\-~]+$', data) == None:
 raise forms.ValidationError('Invalid characters in base64 hash')
+ # base64-validity test
+ if length > 516:
+ # we need temporary variable here to avoid modifying main "data"
+ test_data = data
+ # add pad-characters needed for proper decoding cos i2p does not
+ for i in range(4):
+ quanta, leftover = divmod(len(test_data), 4)
+ if leftover:
+ test_data += '='
+ else:
+ break
+ # if more than 2 pad chars were added, raise an error
+ if i > 2:
+ raise forms.ValidationError('Corrupted base64 hash')
 # base64-i2p
 if length == 516 and re.match(r'[a-zA-Z0-9\-~]+AA$', data) == None:
 raise forms.ValidationError('Invalid base64 hash')
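Review bot: The block under `# base64-validity test` only checks the length: `test_data` is padded and then discarded without ever being decoded, so the loop is equivalent to `len(data) % 4 == 1` and `quanta` is never used. If a length check is all that is intended, `if length > 516 and len(data) % 4 == 1: raise forms.ValidationError('Corrupted base64 hash')` states it directly, and the comment should say "length check" rather than "validity". If the key is meant to be decodable, the padded string should be passed to a base64 decoder using the I2P alphabet (`-` and `~` as the alternate characters) and a decode failure mapped to the same ValidationError; nothing in the hunk does that, though validate_b64hash starts and ends outside it. Indentation is lost on this page, so the placement of `if i > 2` inside the `if length > 516` branch is inferred; outside that branch `i` would be unbound for shorter keys.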