authorMorris Jobke <hey@morrisjobke.de>2021-04-22 13:23:39 +0200
committerGitHub <noreply@github.com>2021-04-22 13:23:39 +0200
commit393309b98fed803bad575c71b3af3b51c469fc53 (patch)
tree8a0e5f95a453013ffce02c6275945f76a9b55d44 /lib/private/Security
parent634b6b8b57800bf9999f039a3d3282ba3321d2e4 (diff)
parent16652ac6c6635cc4d5ecc5c1523018e27ac30189 (diff)
downloadnextcloud-server-393309b98fed803bad575c71b3af3b51c469fc53.tar.gz
nextcloud-server-393309b98fed803bad575c71b3af3b51c469fc53.zip
Merge pull request #25714 from nextcloud/fix/23197/explicitly_check_hex2bin_input
Explicitly check hex2bin input
Diffstat (limited to 'lib/private/Security')
-rw-r--r--lib/private/Security/Crypto.php22
1 files changed, 19 insertions, 3 deletions
diff --git a/lib/private/Security/Crypto.php b/lib/private/Security/Crypto.php
index 7b1e1a49b19..85591eb62f3 100644
--- a/lib/private/Security/Crypto.php
+++ b/lib/private/Security/Crypto.php
@@ -124,14 +124,14 @@ class Crypto implements ICrypto {
throw new \Exception('Authenticated ciphertext could not be decoded.');
}
- $ciphertext = hex2bin($parts[0]);
+ $ciphertext = $this->hex2bin($parts[0]);
$iv = $parts[1];
- $hmac = hex2bin($parts[2]);
+ $hmac = $this->hex2bin($parts[2]);
if ($partCount === 4) {
$version = $parts[3];
if ($version >= '2') {
- $iv = hex2bin($iv);
+ $iv = $this->hex2bin($iv);
}
if ($version === '3') {
@@ -154,4 +154,20 @@ class Crypto implements ICrypto {
return $result;
}
+
+ private function hex2bin(string $hex): string {
+ if (!ctype_xdigit($hex)) {
+ throw new \RuntimeException('String contains non hex chars: ' . $hex);
+ }
+ if (strlen($hex) % 2 !== 0) {
+ throw new \RuntimeException('Hex string is not of even length: ' . $hex);
+ }
+ $result = hex2bin($hex);
+
+ if ($result === false) {
+ throw new \RuntimeException('Hex to bin conversion failed: ' . $hex);
+ }
+
+ return $result;
+ }
}
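Review bot: All three exceptions in the new `hex2bin()` helper append the raw `$hex` argument to the message, so the rejected input is copied to wherever exceptions are logged or rendered. The call sites in the first hunk pass it the ciphertext, IV and HMAC parts split from the caller-supplied string, apparently before any authenticity check is visible, so the value is unvalidated, of arbitrary length, and may contain control characters. A fixed message is enough to diagnose the failure, e.g. `throw new \RuntimeException('String contains non hex chars.');`, with `strlen($hex)` added if more detail is needed. The `$result === false` branch should be unreachable after the `ctype_xdigit()` and even-length checks; a short comment such as `// defensive: cannot fail after the checks above` would make that intent clear.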