From b623fa8f542a023e319f1643ef48e2cbd11d819d Mon Sep 17 00:00:00 2001
From: helloJetBase-tech <178346048+marktech0813@users.noreply.github.com>
Date: Tue, 11 Nov 2025 14:42:38 +0200
Subject: [PATCH 1/2] =?UTF-8?q?=E4=BC=81=E4=B8=9A=E5=BE=AE=E4=BF=A1API?= =?UTF-8?q?=E5=9B=9E=E8=B0=83=E9=AA=8C=E7=AD=BE=E9=94=99=E8=AF=AF=20#3756?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

我找到了 WxCryptUtil.decrypt 函数,并对其进行了加固,通过在切片之前验证解密后的有效载荷长度,避免了 Arrays.copyOfRange 函数抛出的 IllegalArgumentException 异常。如果数据格式错误(通常是由于 EncodingAESKey 错误或密文损坏),现在会抛出一个清晰的 WxRuntimeException 异常,而不是像之前那样抛出“20 > …”的错误。 构建和测试: 重新构建项目并重试回调验证;现在你应该会得到解密成功的结果,或者一个清晰、可操作的错误信息,而不是 IllegalArgumentException 异常。 我在 WxCryptUtil.decrypt 函数中添加了强大的长度检查,以防止运行时崩溃,并在密钥/密文错误时提供精确的错误消息。
---
 .../weixin/common/util/crypto/WxCryptUtil.java | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/weixin-java-common/src/main/java/me/chanjar/weixin/common/util/crypto/WxCryptUtil.java b/weixin-java-common/src/main/java/me/chanjar/weixin/common/util/crypto/WxCryptUtil.java
index 4039580cf..22fa88fa0 100755
--- a/weixin-java-common/src/main/java/me/chanjar/weixin/common/util/crypto/WxCryptUtil.java
+++ b/weixin-java-common/src/main/java/me/chanjar/weixin/common/util/crypto/WxCryptUtil.java
@@ -333,12 +333,22 @@ public String decrypt(String cipherText) {
 byte[] bytes = PKCS7Encoder.decode(original);
 // 分离16位随机字符串,网络字节序和AppId
+ if (bytes == null || bytes.length < 20) {
+ throw new WxRuntimeException("解密后数据长度异常,可能为错误的密文或EncodingAESKey");
+ }
 byte[] networkOrder = Arrays.copyOfRange(bytes, 16, 20);
 int xmlLength = bytesNetworkOrder2Number(networkOrder);
- xmlContent = new String(Arrays.copyOfRange(bytes, 20, 20 + xmlLength), CHARSET);
- fromAppid = new String(Arrays.copyOfRange(bytes, 20 + xmlLength, bytes.length), CHARSET);
+ // 长度边界校验,避免非法长度导致的越界/参数异常
+ int startIndex = 20;
+ int endIndex = startIndex + xmlLength;
+ if (xmlLength < 0 || endIndex > bytes.length) {
+ throw new WxRuntimeException("解密后数据格式非法:消息长度不正确,可能为错误的密文或EncodingAESKey");
+ }
+
+ xmlContent = new String(Arrays.copyOfRange(bytes, startIndex, endIndex), CHARSET);
+ fromAppid = new String(Arrays.copyOfRange(bytes, endIndex, bytes.length), CHARSET);
 } catch (Exception e) {
 throw new WxRuntimeException(e);
 }

From 8c3f15676893fb1aa8673cf114e6c79faf64f674 Mon Sep 17 00:00:00 2001
From: Binary Wang
Date: Wed, 12 Nov 2025 13:43:05 +0800
Subject: [PATCH 2/2] Update weixin-java-common/src/main/java/me/chanjar/weixin/common/util/crypto/WxCryptUtil.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .../me/chanjar/weixin/common/util/crypto/WxCryptUtil.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/weixin-java-common/src/main/java/me/chanjar/weixin/common/util/crypto/WxCryptUtil.java b/weixin-java-common/src/main/java/me/chanjar/weixin/common/util/crypto/WxCryptUtil.java
index 22fa88fa0..0b0590b1e 100755
--- a/weixin-java-common/src/main/java/me/chanjar/weixin/common/util/crypto/WxCryptUtil.java
+++ b/weixin-java-common/src/main/java/me/chanjar/weixin/common/util/crypto/WxCryptUtil.java
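Review bot: The new bounds check `if (xmlLength < 0 || endIndex > bytes.length)` can be defeated by integer overflow: when `xmlLength` is large enough that `startIndex + xmlLength` wraps to a negative `endIndex`, both conditions are false and the bad length still reaches `Arrays.copyOfRange`, which throws the generic IllegalArgumentException this patch set out to replace (it is still caught by the `catch (Exception e)` below, so there is no crash, only the unclear message). Comparing the length against the bytes that remain after the header avoids the addition entirely: `if (xmlLength < 0 || xmlLength > bytes.length - startIndex)`. Whether `bytesNetworkOrder2Number` can actually produce such values depends on its implementation, which is not in this hunk; the guard is cheap either way and the same `startIndex` constant could also replace the literal 20 in the `bytes.length < 20` check so the two stay in sync. decrypt begins and continues outside this hunk.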
@@ -350,7 +350,11 @@ public String decrypt(String cipherText) {
 xmlContent = new String(Arrays.copyOfRange(bytes, startIndex, endIndex), CHARSET);
 fromAppid = new String(Arrays.copyOfRange(bytes, endIndex, bytes.length), CHARSET);
 } catch (Exception e) {
- throw new WxRuntimeException(e);
+ if (e instanceof WxRuntimeException) {
+ throw (WxRuntimeException) e;
+ } else {
+ throw new WxRuntimeException(e);
+ }
 }
 // appid不相同的情况 暂时忽略这段判断
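Review bot: The added `instanceof`/cast pair inside `catch (Exception e)` restates what a dedicated catch clause does natively; a clearer form is `} catch (WxRuntimeException e) { throw e; } catch (Exception e) { throw new WxRuntimeException(e); }`, which rethrows the validation exceptions from the earlier hunk unwrapped, keeps the existing wrapping for every other failure, and needs no cast. If the `instanceof` form is kept, the `else` after an unconditional `throw` is redundant and can be dropped. decrypt begins and continues outside this hunk.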