From 555b16962fd51bebd55016b739767507325f1985 Mon Sep 17 00:00:00 2001
From: Trevor Wennblom <trevor@well.com>
Date: Wed, 15 Feb 2012 21:44:14 -0600
Subject: [PATCH] more stringent auditing of checksums

Closes Homebrew/homebrew#10213.

Signed-off-by: Jack Nagel <jacknagel@gmail.com>
---
 Library/Homebrew/cmd/audit.rb | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/Library/Homebrew/cmd/audit.rb b/Library/Homebrew/cmd/audit.rb
index 843d194375..99dc3a979a 100755
--- a/Library/Homebrew/cmd/audit.rb
+++ b/Library/Homebrew/cmd/audit.rb
@@ -75,18 +75,31 @@ def audit_formula_text name, text
   end
 
   # Empty checksums
-  if text =~ /md5\s+(\'\'|\"\")/
+  if text =~ /md5\s+(''|"")/
     problems << " * md5 is empty"
   end
 
-  if text =~ /sha1\s+(\'\'|\"\")/
+  if text =~ /sha1\s+(''|"")/
     problems << " * sha1 is empty"
   end
 
-  if text =~ /sha256\s+(\'\'|\"\")/
+  if text =~ /sha256\s+(''|"")/
     problems << " * sha256 is empty"
   end
 
+  # Checksum sanity check
+  if text =~ /md5\s+['"](.+)['"]/ and $1 != '#{md5}' and $1 !~ /[a-f0-9]{32}/
+    problems << " * md5 contains invalid or incorrect number of characters"
+  end
+
+  if text =~ /sha1\s+['"](.+)['"]/ and $1 != '#{sha1}' and $1 !~ /[a-f0-9]{40}/
+    problems << " * sha1 contains invalid or incorrect number of characters"
+  end
+
+  if text =~ /sha256\s+['"](.+)['"]/ and $1 != '#{sha256}' and $1 !~ /[a-f0-9]{64}/
+    problems << " * sha256 contains invalid or incorrect number of characters"
+  end
+
   # Commented-out depends_on
   if text =~ /#\s*depends_on\s+(.+)\s*$/
     problems << " * Commented-out dep #{$1}."