search

nextcloud / encryption-recovery-tools

This project contains tools to recover files that have been encrypted with the Nextcloud End-to-End Encryption or Nextcloud Server-Side Encryption.
GNU Affero General Public License v3.0
53 stars 5 forks source link

Fatal error: Uncaught TypeError: fread(): Argument #2 ($length) must be of type int, string given in recover.php:1563 #57

Closed OnyXxL closed 2 weeks ago

OnyXxL commented 2 weeks ago

Hi,

I'm getting an error when trying to decrypt a file: Fatal error: Uncaught TypeError: fread(): Argument #2 ($length) must be of type int, string given in recover.php:1563

Steps to reproduce

  1. Upload a file "image.jpg" to Nexcloud instance using the WebUI logged as "test" user.
  2. Make a folder /usr/home/me/decrypt/
  3. Run php recover.php /usr/home/me/decrypt/ /usr/home/www/cloud/data/test/files/image.jpg

Expected behaviour

The file should be present and decrypted in /usr/home/me/decrypt/test/files/image.jpg

Actual behaviour

The subfolders /usr/home/me/decrypt/test/files/ are created but the file is not in it.

Server configuration

Web server: Apache 2.4

Database: MySQL 8.0.39

PHP version: 8.1.26

Nextcloud version: 30.0.1

List of activated apps ``` Enabled: - activity: 3.0.0 - admin_audit: 1.20.0 - app_api: 4.0.0 - bruteforcesettings: 3.0.0 - calendar: 5.0.1 - circles: 30.0.0-dev - cloud_federation_api: 1.13.0 - comments: 1.20.1 - contacts: 6.1.0 - contactsinteraction: 1.11.0 - dashboard: 7.10.0 - dav: 1.31.1 - encryption: 2.18.0 - federatedfilesharing: 1.20.0 - federation: 1.20.0 - files: 2.2.0 - files_external: 1.22.0 - files_pdfviewer: 3.0.0 - files_reminders: 1.3.0 - files_sharing: 1.22.0 - files_trashbin: 1.20.1 - files_versions: 1.23.0 - firstrunwizard: 3.0.0 - impersonate: 1.17.0 - logreader: 3.0.0 - lookup_server_connector: 1.18.0 - nextcloud_announcements: 2.0.0 - notifications: 3.0.0 - oauth2: 1.18.1 - password_policy: 2.0.0 - photos: 3.0.2 - privacy: 2.0.0 - provisioning_api: 1.20.0 - recommendations: 3.0.0 - related_resources: 1.5.0 - serverinfo: 2.0.0 - settings: 1.13.0 - sharebymail: 1.20.0 - support: 2.0.0 - suspicious_login: 8.0.0 - systemtags: 1.20.0 - tasks: 0.16.1 - text: 4.1.0 - theming: 2.5.0 - twofactor_backupcodes: 1.19.0 - twofactor_nextcloud_notification: 4.0.0 - twofactor_totp: 12.0.0-dev - updatenotification: 1.20.0 - viewer: 3.0.0 - webhook_listeners: 1.1.0-dev - workflowengine: 2.12.0 Disabled: - external: 5.5.1 (installed 5.5.1) - facerecognition: 0.9.51 (installed 0.9.51) - files_antivirus: 5.6.0 (installed 5.6.0) - files_downloadlimit: 3.0.0 (installed 1.2.0) - files_texteditor: 2.15.1 (installed 2.15.1) - ransomware_protection: 1.14.0 (installed 1.14.0) - survey_client: 2.0.0 (installed 1.15.0) - user_ldap: 1.21.0 - user_status: 1.10.0 (installed 1.9.0) - weather_status: 1.10.0 (installed 1.9.0) - whiteboard: 1.0.4 (installed 1.0.4) ```
Nextcloud configuration ``` { "system": { "instanceid": "***REMOVED SENSITIVE VALUE***", "passwordsalt": "***REMOVED SENSITIVE VALUE***", "secret": "***REMOVED SENSITIVE VALUE***", "datadirectory": "***REMOVED SENSITIVE VALUE***", "overwriteprotocol": "https", "htaccess.RewriteBase": "\/", "dbtype": "mysql", "version": "30.0.1.2", "dbname": "***REMOVED SENSITIVE VALUE***", "dbhost": "***REMOVED SENSITIVE VALUE***", "dbtableprefix": "oc_", "mysql.utf8mb4": true, "dbuser": "***REMOVED SENSITIVE VALUE***", "dbpassword": "***REMOVED SENSITIVE VALUE***", "logtimezone": "UTC", "installed": true, "mail_from_address": "***REMOVED SENSITIVE VALUE***", "mail_smtpmode": "smtp", "mail_domain": "***REMOVED SENSITIVE VALUE***", "mail_smtphost": "***REMOVED SENSITIVE VALUE***", "mail_smtpport": "25", "loglevel": 3, "maintenance": false, "maintenance_window_start": 1, "default_language": "fr", "theme": "", "debug": false, "default_phone_region": "FR", "files_external_allow_create_new_local": "true", "files_antivirus.av_cmd_options": "", "files_antivirus.av_path": "\/usr\/local\/bin\/clamscan", "allow_user_to_change_mail_address": "", "encryption.legacy_format_support": false, "encryption.key_storage_migrated": false, "twofactor_enforced": "true", "twofactor_enforced_excluded_groups": [], "mail_sendmailmode": "smtp", "memcache.locking": "\\OC\\Memcache\\Redis", "memcache.local": "\\OC\\Memcache\\APCu", "redis": { "host": "***REMOVED SENSITIVE VALUE***", "port": 6379, "timeout": 0, "read_timeout": 0 } } } ```

For more details, this is what I can't achieve: I moved manually (from an SSH command line) 1500 files to another folder and scanned all the files. I am not able to open them anymore as they are no longer decrypted. Their headers are HBEGIN:oc_encryption_module:OC_DEFAULT_MODULE:cipher:AES-256-CTR:signed:true:useLegacyFileKey:false:encoding:binary:HEND

In the recover.php script, I have set:

Thank you for your help.

yahesh commented 2 weeks ago

@OnyXxL That's kinda odd, given that BLOCKSIZE is normally defined within the head of the script. Could you please check if you have an environment variable set in your shell that is called BLOCKSIZE?

OnyXxL commented 2 weeks ago

@OnyXxL That's kinda odd, given that BLOCKSIZE is normally defined within the head of the script. Could you please check if you have an environment variable set in your shell that is called BLOCKSIZE?

You are right! I have unset BLOCKSIZE environnement variable and the script works. Thanks!

For other people who maye face that problem, the environnement variable BLOCKSIZE is set to "K" in ~/.cshrc if you are using csh. It is my case on FreeBSD.

yahesh commented 2 weeks ago

@OnyXxL Thanks for the feedback. I improved type checking in #58 to hopefully prevent such an issue in the future.