authorMichael Dardis <git@md-5.net>2020-03-04 15:25:09 +1100
committerMatthias Sohn <matthias.sohn@sap.com>2020-03-04 16:34:01 +0100
commitd7f304045af2f602c5b0c1a26d2c7f643753cf8f (patch)
tree1d16efc26e1fa0ae8f0587647557cb0b2ff20cee
parent95fd662dd3f5a0808cacc8066a0f43f15684301d (diff)
downloadjgit-d7f304045af2f602c5b0c1a26d2c7f643753cf8f.tar.gz
jgit-d7f304045af2f602c5b0c1a26d2c7f643753cf8f.zip
Add validation to hex decoder
Does not fix any issue but prevents user from shooting themselves in the foot with improper configuration. Suggested by Demetr Starshov at https://git.eclipse.org/r/#/c/157681/ Change-Id: I006d65022f0a7d4066970825d00080c59404fdc3 Signed-off-by: Michael Dardis <git@md-5.net> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
-rw-r--r--org.eclipse.jgit.test/tst/org/eclipse/jgit/util/HexTest.java25
-rw-r--r--org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties1
-rw-r--r--org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java1
-rw-r--r--org.eclipse.jgit/src/org/eclipse/jgit/util/Hex.java21
4 files changed, 45 insertions, 3 deletions
diff --git a/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/HexTest.java b/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/HexTest.java
index 32af07f259..5f3ab0b775 100644
--- a/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/HexTest.java
+++ b/org.eclipse.jgit.test/tst/org/eclipse/jgit/util/HexTest.java
@@ -42,6 +42,31 @@ public class HexTest {
}
}
+ @Test(expected = IllegalArgumentException.class)
+ public void testIllegal() {
+ decode("0011test00");
+ }
+
+ @Test(expected = IllegalArgumentException.class)
+ public void testIllegal2() {
+ decode("0123456789abcdefgh");
+ }
+
+ @Test(expected = IllegalArgumentException.class)
+ public void testIllegal3() {
+ decode("0123456789abcdef-_+*");
+ }
+
+ @Test
+ public void testLegal() {
+ decode("0123456789abcdef");
+ }
+
+ @Test
+ public void testLegal2() {
+ decode("deadbeef");
+ }
+
private static byte[] b(String str) {
return Constants.encode(str);
}
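Review bot: testLegal and testLegal2 only call decode and would still pass if the decoder returned the wrong bytes; pin the result, e.g. `assertArrayEquals(new byte[] { (byte) 0xde, (byte) 0xad, (byte) 0xbe, (byte) 0xef }, decode("deadbeef"));`. The illegal set also has no odd-length input such as `decode("abc")`, which is the case most likely to fail with a different exception type than the one these tests expect. Existing round-trip tests may already cover the legal values, but they are outside this hunk.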
diff --git a/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties b/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties
index 153399ca34..1218ee612d 100644
--- a/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties
+++ b/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties
@@ -354,6 +354,7 @@ invalidFilter=Invalid filter: {0}
invalidGitdirRef = Invalid .git reference in file ''{0}''
invalidGitModules=Invalid .gitmodules file
invalidGitType=invalid git type: {0}
+invalidHexString=Invalid hex string: {0}
invalidHooksPath=Invalid git config core.hooksPath = {0}
invalidId=Invalid id: {0}
invalidId0=Invalid id
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java b/org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java
index ef4c855949..6235dd83d9 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java
@@ -382,6 +382,7 @@ public class JGitText extends TranslationBundle {
/***/ public String invalidGitdirRef;
/***/ public String invalidGitModules;
/***/ public String invalidGitType;
+ /***/ public String invalidHexString;
/***/ public String invalidHooksPath;
/***/ public String invalidId;
/***/ public String invalidId0;
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/util/Hex.java b/org.eclipse.jgit/src/org/eclipse/jgit/util/Hex.java
index 9359036524..925159830e 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/util/Hex.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/util/Hex.java
@@ -10,6 +10,10 @@
package org.eclipse.jgit.util;
+import java.text.MessageFormat;
+
+import org.eclipse.jgit.internal.JGitText;
+
/**
* Encodes and decodes to and from hexadecimal notation.
*
@@ -27,9 +31,11 @@ public final class Hex {
/**
* Decode a hexadecimal string to a byte array.
*
- * Note this method performs no validation on input content.
+ * Note this method validates that characters in the given string are valid
+ * as digits in a hex string.
*
- * @param s hexadecimal string
+ * @param s
+ * hexadecimal string
* @return decoded array
*/
public static byte[] decode(String s) {
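Review bot: The rewritten Javadoc describes the validation but does not declare the exception it introduces; add `@throws IllegalArgumentException if {@code s} contains a character that is not a hex digit` after the `@return` tag so callers see the contract without reading the body. The body of decode continues outside this hunk.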
@@ -37,7 +43,16 @@ public final class Hex {
byte[] b = new byte[len / 2];
for (int i = 0; i < len; i += 2) {
- b[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4) | Character.digit(s.charAt(i + 1), 16));
+ int left = Character.digit(s.charAt(i), 16);
+ int right = Character.digit(s.charAt(i + 1), 16);
+
+ if (left == -1 || right == -1) {
+ throw new IllegalArgumentException(MessageFormat.format(
+ JGitText.get().invalidHexString,
+ s));
+ }
+
+ b[i / 2] = (byte) (left << 4 | right);
}
return b;
}
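Review bot: An odd-length input still escapes the new check: with `len` odd, the loop reaches `s.charAt(i + 1)` one past the end and throws StringIndexOutOfBoundsException rather than the IllegalArgumentException the validation is meant to provide. A guard before the loop closes that gap, e.g. `if ((len & 1) != 0) { throw new IllegalArgumentException(MessageFormat.format(JGitText.get().invalidHexString, s)); }`. Note also that the message embeds the entire input; if a caller decodes secret material from configuration, the whole value ends up in the exception text and in any log that records it, so reporting only the offending position is the safer choice. `len` is assigned above this hunk, at the start of decode's body.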