fix: Panics when passing a malformed GitSession (#3058)

grafana · Mar 1, 2024 · bbb5f55 · bbb5f55
1 parent 38218a8
commit bbb5f55
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 0 deletions.
diff --git a/pkg/querier/vcs/client/encryption.go b/pkg/querier/vcs/client/encryption.go
@@ -3,6 +3,7 @@ package client
 import (
 	"encoding/base64"
 	"encoding/json"
+	"errors"
 
 	encryption "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/encryption"
 	"golang.org/x/oauth2"
@@ -24,11 +25,18 @@ func encryptToken(token *oauth2.Token, key []byte) (string, error) {
 	return base64.StdEncoding.EncodeToString(enc), nil
 }
 
+const gcmNonceSize = 12
+
 func decryptToken(encodedText string, key []byte) (*oauth2.Token, error) {
 	encryptedData, err := base64.StdEncoding.DecodeString(encodedText)
 	if err != nil {
 		return nil, err
 	}
+
+	if len(encryptedData) < gcmNonceSize {
+		return nil, errors.New("malformed token")
+	}
+
 	cipher, err := encryption.NewGCMCipher(key)
 	if err != nil {
 		return nil, err

diff --git a/pkg/querier/vcs/client/encryption_test.go b/pkg/querier/vcs/client/encryption_test.go
@@ -23,3 +23,13 @@ func TestEncodeOAuth(t *testing.T) {
 	require.NoError(t, err)
 	require.Equal(t, token, actual)
 }
+
+func Test_decryptToken(t *testing.T) {
+	t.Run("malformed token shorter than nonce size", func(t *testing.T) {
+		encoded := "xxxx"
+		key := []byte("0123456789abcdef")
+
+		_, err := decryptToken(encoded, key)
+		require.EqualError(t, err, "malformed token")
+	})
+}