From a5969834f6b44acfa14db258d09409dd762e6733 Mon Sep 17 00:00:00 2001
From: BrentSchmaltz
Date: Thu, 1 Aug 2024 12:46:15 -0700
Subject: [PATCH] Check that regex succeeded and value is an integer. (#2958)
Co-authored-by: id4s
---
 .../CookiePolicyOptionsExtensions.cs | 9 +++++++--
 .../CookiePolicyOptionsExtensionsTests.cs | 1 +
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/Microsoft.Identity.Web/CookiePolicyOptionsExtensions.cs b/src/Microsoft.Identity.Web/CookiePolicyOptionsExtensions.cs
index 887650d0c..b20f037d5 100644
--- a/src/Microsoft.Identity.Web/CookiePolicyOptionsExtensions.cs
+++ b/src/Microsoft.Identity.Web/CookiePolicyOptionsExtensions.cs
@@ -152,8 +152,13 @@ bool IsChromiumVersionAtLeast(int major)
 // Extract digits from first capturing group.
 Match match = Regex.Match(userAgent, regex);
- int version = Convert.ToInt32(match.Groups[1].Value, CultureInfo.CurrentCulture);
- return version >= major;
+ if (!match.Success)
+ return false;
+
+ if (int.TryParse(match.Groups[1].Value, out int version))
+ return version >= major;
+
+ return false;
 }
 bool IsUcBrowser()
diff --git a/tests/Microsoft.Identity.Web.Test/CookiePolicyOptionsExtensionsTests.cs b/tests/Microsoft.Identity.Web.Test/CookiePolicyOptionsExtensionsTests.cs
index 10cf2122e..2cc6c2fa1 100644
--- a/tests/Microsoft.Identity.Web.Test/CookiePolicyOptionsExtensionsTests.cs
+++ b/tests/Microsoft.Identity.Web.Test/CookiePolicyOptionsExtensionsTests.cs
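Review bot: The added `int.TryParse(match.Groups[1].Value, out int version)` in `IsChromiumVersionAtLeast` (CookiePolicyOptionsExtensions.cs) parses with the current thread culture and the default `NumberStyles.Integer`, so a value taken from what is presumably the client-supplied User-Agent would be accepted with a sign or surrounding whitespace if the pattern ever allowed them. Pinning the parse to plain digits keeps the check independent of server locale and of later edits to the regex: `return match.Success && int.TryParse(match.Groups[1].Value, NumberStyles.None, CultureInfo.InvariantCulture, out int version) && version >= major;`. The single return also removes the brace-less `if` bodies. The function starts above the hunk, so the pattern held in `regex` is not visible here; if it can backtrack heavily, a match timeout on the `Regex.Match` call would be worth considering, since the input is caller-controlled.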
@@ -90,6 +90,7 @@ public void HandleSameSiteCookieCompatibility_CustomFilter_ExecutesSuccessfully(
 }
 [Theory]
+ [InlineData(false, "Dalvik / 2.1.0(Linux; U; Android 12; Chromecast Build / STTE.230319.008.H1)")]
 [InlineData(true, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")]
 [InlineData(true, "Mozilla/5.0 (iPhone; CPU iPhone OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1 Mobile/15E148 Safari/604.1")]
 [InlineData(true, "Mozilla/5.0 (iPad; CPU OS 12_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")]
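Review bot: The new `InlineData` row appears to cover only the `!match.Success` path, assuming the Dalvik string does not match the Chromium pattern; the `int.TryParse` failure path added in CookiePolicyOptionsExtensions.cs has no case. A second row whose Chromium version is a digit run too long for `int` (a constructed value such as `Chrome/99999999999.0` inside an otherwise ordinary desktop User-Agent) would pin that branch and guard against a regression to a throwing conversion, provided the theory reaches `IsChromiumVersionAtLeast` for it. The expected boolean for that row depends on the theory method, which lies below this hunk.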