From 4721eb4f8118d0071e8a20177151217898f04b25 Mon Sep 17 00:00:00 2001
From: Valentin Samir <valentin.samir@crans.org>
Date: Sun, 31 Jul 2016 12:27:14 +0200
Subject: [PATCH] Catch base64 decode error on b64decode to raise our custom
 exception BadHash

---
 cas_server/utils.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cas_server/utils.py b/cas_server/utils.py
index c6a56ef..6142c21 100644
--- a/cas_server/utils.py
+++ b/cas_server/utils.py
@@ -561,7 +561,10 @@ class LdapHashUserPassword(object):
         elif scheme == b'{CRYPT}':
             return b'$'.join(hashed_passord.split(b'$', 3)[:-1])[len(scheme):]
         else:
-            hashed_passord = base64.b64decode(hashed_passord[len(scheme):])
+            try:
+                hashed_passord = base64.b64decode(hashed_passord[len(scheme):])
+            except TypeError as error:
+                raise cls.BadHash("Bad base64: %s" % error)
             if len(hashed_passord) < cls._schemes_to_len[scheme]:
                 raise cls.BadHash("Hash too short for the scheme %s" % scheme)
             return hashed_passord[cls._schemes_to_len[scheme]:]