# HG changeset patch
# User Franz Glasner
# Date 1643204964 -3600
# Node ID 5935055edea66559f27b9b2dd6eaae95de763924
# Parent 58d5a0b6e5b38ab48b8590161b783586f8faaac6
More proper formal checks (with regexp) for valid hex and base64 encoding of digests
diff -r 58d5a0b6e5b3 -r 5935055edea6 shasum.py
--- a/shasum.py Wed Jan 26 14:15:43 2022 +0100
+++ b/shasum.py Wed Jan 26 14:49:24 2022 +0100
@@ -177,15 +177,23 @@
 """
 if len(expected_digest) == algo().digest_size * 2:
 # hex
- try:
- exd = binascii.unhexlify(expected_digest)
- except TypeError:
+ if re.search(r"\A[a-fA-F0-9]+\Z", expected_digest):
+ try:
+ exd = binascii.unhexlify(expected_digest)
+ except TypeError:
+ return False
+ else:
 return False
 else:
 # base64
- try:
- exd = base64.b64decode(expected_digest)
- except TypeError:
+ if re.search(
+ r"\A(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{2}==)?\Z",
+ expected_digest):
+ try:
+ exd = base64.b64decode(expected_digest)
+ except TypeError:
+ return False
+ else:
 return False
 return given_digest == exd
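Review bot: The two `except TypeError:` handlers kept around `binascii.unhexlify()` and `base64.b64decode()` only match what Python 2 raises; on Python 3 both decoders report malformed input with `binascii.Error`, a `ValueError` subclass, so a decoder failure there would surface as a traceback instead of the `return False` this function uses to fail closed. The new `\A…\Z` pre-checks should make that path unreachable for text input, so this is defence in depth, but if the file is meant to run on Python 3 I would write `except (TypeError, ValueError):` in both branches. A one-line comment above the base64 pattern, e.g. `# strict standard alphabet with canonical padding; b64decode() on its own skips foreign characters`, would record why the pre-check exists. The enclosing function starts before the hunk, so whether `expected_digest` is str or bytes is not visible here; it needs to match the str patterns passed to `re.search`, which sits outside the `try`.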