You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Use the latest Chrome version, 114.0.5735.134, on Windows.
Create a ChromeBrowser object and call its method getCookies().
Expected
The set will be non-empty and contain the cookies from the web browser.
Actual
An exception is thrown:
java.lang.ArrayIndexOutOfBoundsException: arraycopy: length -3 is negative
at java.base/java.lang.System.arraycopy(Native Method)
at java.base/java.util.Arrays.copyOfRange(Arrays.java:3823)
at cmonster.browsers.ChromeBrowser.decrypt(ChromeBrowser.java:279)
at cmonster.browsers.ChromeBrowser.parseCookieFromResult(ChromeBrowser.java:240)
at cmonster.browsers.ChromeBrowser.processCookies(ChromeBrowser.java:153)
at cmonster.browsers.Browser.getCookies(Browser.java:29)
at cmonster.browsers.ChromeBrowser.main(ChromeBrowser.java:400)
Discussion
The current implementation in ChromeBrowser.getCookieDbFiles() looks for files in directories in the baseDir that end in Cookies. It does not find them recursively - i.e., it does not find files in subdirectories of subdirectories. This is a problem because the appropriate cookies file on my hard drive resides under /Default/Network/ relative to the baseDir.
So, the only file found is Safe Browsing Cookies. This appears to contain cookies that are not encrypted - the encrypted_value in the (single) row in the ResultSet is an empty byte array - and then the decryption (attempting to use the empty array as the ciphertext) fails.
Inside decrypt, exceptions cause us to skip the cookie for Mac and Linux, but ones for Windows are allowed to bubble up and fail the overall operation. I suspect that the Windows decrypt should have the same behavior as Mac and Linux.
I will soon open a PR to address this issue.
The text was updated successfully, but these errors were encountered:
Steps Taken
Use the latest Chrome version, 114.0.5735.134, on Windows.
Create a
ChromeBrowserobject and call its methodgetCookies().Expected
The set will be non-empty and contain the cookies from the web browser.
Actual
An exception is thrown:
Discussion
The current implementation in
ChromeBrowser.getCookieDbFiles()looks for files in directories in the baseDir that end inCookies. It does not find them recursively - i.e., it does not find files in subdirectories of subdirectories. This is a problem because the appropriate cookies file on my hard drive resides under/Default/Network/relative to the baseDir.So, the only file found is
Safe Browsing Cookies. This appears to contain cookies that are not encrypted - theencrypted_valuein the (single) row in theResultSetis an empty byte array - and then the decryption (attempting to use the empty array as the ciphertext) fails.Inside decrypt, exceptions cause us to skip the cookie for Mac and Linux, but ones for Windows are allowed to bubble up and fail the overall operation. I suspect that the Windows decrypt should have the same behavior as Mac and Linux.
I will soon open a PR to address this issue.
The text was updated successfully, but these errors were encountered: