changeset 52:5935055edea6

More proper formal checks (with regexp) for valid hex and base64 encoding of digests
author Franz Glasner <f.glasner@feldmann-mg.com>
date Wed, 26 Jan 2022 14:49:24 +0100
parents 58d5a0b6e5b3
children 2e0cf1e7c483
files shasum.py
diffstat 1 files changed, 14 insertions(+), 6 deletions(-) [+]
--- a/shasum.py	Wed Jan 26 14:15:43 2022 +0100
+++ b/shasum.py	Wed Jan 26 14:49:24 2022 +0100
@@ -177,15 +177,23 @@
     """
     if len(expected_digest) == algo().digest_size * 2:
         # hex
-        try:
-            exd = binascii.unhexlify(expected_digest)
-        except TypeError:
+        if re.search(r"\A[a-fA-F0-9]+\Z", expected_digest):
+            try:
+                exd = binascii.unhexlify(expected_digest)
+            except TypeError:
+                return False
+        else:
             return False
     else:
         # base64
-        try:
-            exd = base64.b64decode(expected_digest)
-        except TypeError:
+        if re.search(
+                r"\A(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{2}==)?\Z",
+                expected_digest):
+            try:
+                exd = base64.b64decode(expected_digest)
+            except TypeError:
+                return False
+        else:
             return False
     return given_digest == exd
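Review bot: Both retained `except TypeError:` handlers match only the Python 2 behaviour of `binascii.unhexlify` and `base64.b64decode`. On Python 3 these raise `binascii.Error` (a `ValueError` subclass), so if the regex ever accepts input the decoder rejects, the exception would propagate instead of returning False. Using `except (TypeError, binascii.Error):` in both branches would make the check fail closed on either interpreter. The diffstat's 14 insertions are all in this hunk, so the commit adds no `import re`; confirm that shasum.py already imports it, since the top of the file is not visible here. The function's signature and the start of its docstring lie outside the hunk.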