ensure that errors in the char->digit conversion is also handled

Author: supervacuus

sentry-android-core/src/main/java/io/sentry/android/core/internal/tombstone/OleGuidFormatter.java

@@ -20,7 +20,7 @@
  * c0bcc3f1-9827-fe65-3058-404b2831d9e6
  * </pre>
  *
- * Note: Java bytes are signed. When promoted (e.g. during formatting or bit shifts), they
+ * <p>Note: Java bytes are signed. When promoted (e.g. during formatting or bit shifts), they
  * sign-extend to int, unlike uint8_t in C. We therefore mask with & 0xff to preserve the intended
  * unsigned byte values.
  */
@@ -78,6 +78,10 @@ private static byte[] hexToBytes(String hex) {
     for (int byteIdx = 0; byteIdx < numBytes; byteIdx++) {
       int hi = Character.digit(hex.charAt(byteIdx * 2), numBytes);
       int lo = Character.digit(hex.charAt(byteIdx * 2 + 1), numBytes);
+      if (hi < 0 || lo < 0) {
+        throw new IllegalArgumentException(
+            "GUID conversion input hex string contains invalid characters");
+      }
       result[byteIdx] = (byte) ((hi << 4) | lo);
     }
     return result;

sentry-android-core/src/test/java/io/sentry/android/core/internal/tombstone/OleGuidFormatterTest.kt

@@ -24,6 +24,19 @@ class OleGuidFormatterTest {
     }
   }
 
+  @Test
+  fun `an input string with with an invalid hex character throws`() {
+    // fail the low nibble conversion
+    assertFailsWith<IllegalArgumentException> {
+      OleGuidFormatter.convert("g123456789abcdef0123456789abcdef")
+    }
+
+    // fail the high nibble conversion
+    assertFailsWith<IllegalArgumentException> {
+      OleGuidFormatter.convert("0h23456789abcdef0123456789abcdef")
+    }
+  }
+
   @Test
   fun `an input example from the develop docs leads to the expected result`() {
     val input = "f1c3bcc0279865fe3058404b2831d9e64135386c"