DandelionNStuff/dkimpy-smtputf8
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Correct base64 validation regexp so that valid signature with == split

Browse Source 
between two lines are not incorrectly evaluated as invalid (LP:
      #2002295) - Thanks to <https://launchpad.net/~obadz> for the report and
      the proposed fix
This commit is contained in:
Scott Kitterman
2023-02-25 17:16:53 -05:00
parent 2115a5e9f8
commit 59e9dd2cb5
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dkim/__init__.py
+2 -2
View File
@@ -284,13 +284,13 @@ def validate_signature_fields(sig, mandatory_fields=[b'v', b'a', b'b', b'bh', b'
raise ValidationError("unknown signature algorithm: %s" % sig[b'a'])
if b'b' in sig:
if re.match(br"[\s0-9A-Za-z+/]+=*$", sig[b'b']) is None:
if re.match(br"[\s0-9A-Za-z+/]+[\s=]*$", sig[b'b']) is None:
raise ValidationError("b= value is not valid base64 (%s)" % sig[b'b'])
if len(re.sub(br"\s+", b"", sig[b'b'])) % 4 != 0:
raise ValidationError("b= value is not valid base64 (%s)" % sig[b'b'])
if b'bh' in sig:
if re.match(br"[\s0-9A-Za-z+/]+=*$", sig[b'bh']) is None:
if re.match(br"[\s0-9A-Za-z+/]+[\s=]*$", sig[b'b']) is None:
raise ValidationError("bh= value is not valid base64 (%s)" % sig[b'bh'])
if len(re.sub(br"\s+", b"", sig[b'bh'])) % 4 != 0:
raise ValidationError("bh= value is not valid base64 (%s)" % sig[b'bh'])