Do not throw exception if encrypted cookie too short

cakephp · Sep 1, 2018 · 4c2dc85 · 4c2dc85
1 parent 6c96e47
commit 4c2dc85
Show file tree

Hide file tree

Showing 3 changed files with 63 additions and 0 deletions.
diff --git a/src/Utility/CookieCryptTrait.php b/src/Utility/CookieCryptTrait.php
@@ -129,6 +129,11 @@ protected function _decode($value, $encrypt, $key)
         $this->_checkCipher($encrypt);
         $prefix = 'Q2FrZQ==.';
         $value = base64_decode(substr($value, strlen($prefix)));
+
+        if ($value === '') {
+            return '';
+        }
+
         if ($key === null) {
             $key = $this->_getCookieEncryptionKey();
         }

diff --git a/tests/TestCase/Controller/Component/CookieComponentTest.php b/tests/TestCase/Controller/Component/CookieComponentTest.php
@@ -649,6 +649,33 @@ public function testReadingDataFromRequest()
         $this->assertEquals($expected, $data);
     }
 
+    /**
+     * testReadingMalformedEncryptedCookies
+     *
+     * @return void
+     */
+    public function testReadingMalformedEncryptedCookies()
+    {
+        $this->Cookie->configKey('Encrypted_empty', 'encryption', 'aes');
+        $this->Cookie->configKey('Encrypted_too_short', 'encryption', 'aes');
+        $this->Cookie->configKey('Encrypted_altered', 'encryption', 'aes');
+
+        $this->Controller->request = $this->request->withCookieParams([
+            'Encrypted_empty' => '',
+            'Encrypted_too_short' => 'Q2FrZQ',
+            'Encrypted_altered' => 'Q2FrZQ==.ModifiedBase64Data==',
+        ]);
+
+        $data = $this->Cookie->read('Encrypted_empty');
+        $this->assertEquals('', $data);
+
+        $data = $this->Cookie->read('Encrypted_too_short');
+        $this->assertEquals('', $data);
+
+        $data = $this->Cookie->read('Encrypted_altered');
+        $this->assertEquals('', $data);
+    }
+
     /**
      * Test Reading legacy cookie values.
      *

diff --git a/tests/TestCase/Http/Middleware/EncryptedCookieMiddlewareTest.php b/tests/TestCase/Http/Middleware/EncryptedCookieMiddlewareTest.php
@@ -73,6 +73,37 @@ public function testDecodeRequestCookies()
         $this->assertSame('yes', $response->getHeaderLine('called'), 'Inner middleware not invoked');
     }
 
+    /**
+     * Test decoding malformed cookies
+     *
+     * @return void
+     */
+    public function testDecodeMalformedCookies()
+    {
+        $request = new ServerRequest(['url' => '/cookies/nom']);
+        $request = $request->withCookieParams([
+            'secret_empty' => '',
+            'secret_too_short' => 'Q2FrZQ',
+            'secret_altered' => 'Q2FrZQ==.ModifiedBase64Data==',
+        ]);
+        $this->assertNotEquals('decoded', $request->getCookie('decoded'));
+
+        $response = new Response();
+        $next = function ($req, $res) {
+            $this->assertSame('', $req->getCookie('secret_empty'));
+            $this->assertSame('', $req->getCookie('secret_too_short'));
+            $this->assertSame('', $req->getCookie('secret_altered'));
+
+            return $res;
+        };
+        $middleware = new EncryptedCookieMiddleware(
+            ['secret_empty', 'secret_too_short', 'secret_altered'],
+            $this->_getCookieEncryptionKey(),
+            'aes'
+        );
+        $response = $middleware($request, $response, $next);
+    }
+
     /**
      * Test encoding cookies in the set-cookie header.
      *