From 02d8f53246b326ccf5904a6314f9e9f0293e2a47 Mon Sep 17 00:00:00 2001 From: Florian Schmaus Date: Tue, 15 Oct 2024 12:47:55 +0200 Subject: [PATCH] [core] Increase resilience against faulty parser implementions If one of the parser throws a NullPointerException or NumberFormatException, then this should not lead to a disconnect due to an unhandled exception. Instead wrap those in an exception that is handled by the parsing exception callback and ask the user to fill a bug report for those faulty parsers. We may adjust the list of exceptions that are wrapped in the future. --- .../jivesoftware/smack/AbstractXMPPConnection.java | 9 ++++++++- .../main/java/org/jivesoftware/smack/Smack.java | 14 +++++++++++++- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/smack-core/src/main/java/org/jivesoftware/smack/AbstractXMPPConnection.java b/smack-core/src/main/java/org/jivesoftware/smack/AbstractXMPPConnection.java index a3fc2f941..00d19c4f0 100644 --- a/smack-core/src/main/java/org/jivesoftware/smack/AbstractXMPPConnection.java +++ b/smack-core/src/main/java/org/jivesoftware/smack/AbstractXMPPConnection.java @@ -1460,7 +1460,14 @@ public abstract class AbstractXMPPConnection implements XMPPConnection { int parserDepth = parser.getDepth(); Stanza stanza = null; try { - stanza = PacketParserUtils.parseStanza(parser, incomingStreamXmlEnvironment); + try { + stanza = PacketParserUtils.parseStanza(parser, incomingStreamXmlEnvironment); + } catch (NullPointerException | NumberFormatException e) { + // Those exceptions should probably be wrapped into a SmackParsingException and therefore likely constitute a missing verification in the throwing parser. + String message = "Smack parser throw unexpected exception '" + e.getMessage() + "', please report this at " + Smack.BUG_REPORT_URL; + LOGGER.log(Level.SEVERE, message, e); + throw new IOException(message, e); + } } catch (XmlPullParserException | SmackParsingException | IOException | IllegalArgumentException e) { CharSequence content = PacketParserUtils.parseContentDepth(parser, diff --git a/smack-core/src/main/java/org/jivesoftware/smack/Smack.java b/smack-core/src/main/java/org/jivesoftware/smack/Smack.java index daa7a18b4..6996e1ac9 100644 --- a/smack-core/src/main/java/org/jivesoftware/smack/Smack.java +++ b/smack-core/src/main/java/org/jivesoftware/smack/Smack.java @@ -1,6 +1,6 @@ /** * - * Copyright 2020-2021 Florian Schmaus + * Copyright 2020-2024 Florian Schmaus * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,6 +17,8 @@ package org.jivesoftware.smack; import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URL; import java.util.logging.Logger; import org.jivesoftware.smack.util.FileUtils; @@ -29,6 +31,16 @@ public class Smack { public static final String SMACK_PACKAGE = SMACK_ORG + ".smack"; + public static final URL BUG_REPORT_URL; + + static { + try { + BUG_REPORT_URL = new URL("https://discourse.igniterealtime.org/c/smack/smack-support/9"); + } catch (MalformedURLException e) { + throw new ExceptionInInitializerError(e); + } + } + /** * Returns the Smack version information, e.g."1.3.0". *