From 859c2b4496618c8142c70610ebba395e9aa4d5dc Mon Sep 17 00:00:00 2001 From: cyBerta Date: Fri, 3 Nov 2017 15:17:45 +0100 Subject: #8778 fixes invalid provider error handling --- app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'app/src/insecure') diff --git a/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java index 588ff7e2..87fff283 100644 --- a/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/insecure/java/se/leap/bitmaskclient/ProviderAPI.java @@ -125,6 +125,12 @@ public class ProviderAPI extends ProviderApiBase { else provider_dot_json_string = downloadWithCommercialCA(provider_main_url + "/provider.json", danger_on, provider_ca_cert_fingerprint); + if (!isValidJson(provider_dot_json_string)) { + result.putString(ERRORS, getString(malformed_url)); + result.putBoolean(RESULT_KEY, false); + return result; + } + try { JSONObject provider_json = new JSONObject(provider_dot_json_string); provider_api_url = provider_json.getString(Provider.API_URL) + "/" + provider_json.getString(Provider.API_VERSION); @@ -165,7 +171,7 @@ public class ProviderAPI extends ProviderApiBase { preferences.edit().putString(Constants.KEY, eip_service_json.toString()).commit(); result.putBoolean(RESULT_KEY, true); - } catch (JSONException e) { + } catch (NullPointerException | JSONException e) { String reason_to_fail = pickErrorMessage(eip_service_json_string); result.putString(ERRORS, reason_to_fail); result.putBoolean(RESULT_KEY, false); @@ -189,7 +195,7 @@ public class ProviderAPI extends ProviderApiBase { String cert_string = downloadWithProviderCA(new_cert_string_url.toString(), last_danger_on); - if (cert_string.isEmpty() || ConfigHelper.checkErroneousDownload(cert_string)) + if (cert_string == null || cert_string.isEmpty() || ConfigHelper.checkErroneousDownload(cert_string)) return false; else return loadCertificate(cert_string); @@ -274,7 +280,7 @@ public class ProviderAPI extends ProviderApiBase { responseString = sendGetStringToServer(string_url, headerArgs, okHttpClient); - if (responseString.contains(ERRORS)) { + if (responseString != null && responseString.contains(ERRORS)) { try { // try to download with provider CA on certificate error JSONObject responseErrorJson = new JSONObject(responseString); -- cgit v1.2.3