Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: potential null dereference on serviceId #19764

Merged
merged 1 commit into from
Jul 10, 2024

Conversation

rng70-or
Copy link
Contributor

In file: PublicizeTable.java there is the following code segment

if (serviceId == null && serviceId.isEmpty()) {
            return false;
        }

if the serviceId value is null then then logical if check result in NullPointerException due to && operator.


To Test:


Regression Notes

  1. Potential unintended areas of impact

    • null pointer dereference
  2. What I did to test those areas of impact (or what existing automated tests I relied on)

    • The bug is found by running the iCR tool by OpenRefactory, Inc. and then manually triaging the results.
  3. What automated tests I added (or what prevented me from doing so)

    • this is a potential null pointer which results due to inappropriate && operator in this specific case.

PR Submission Checklist:

  • I have completed the Regression Notes.
  • I have considered adding accessibility improvements for my changes.
  • I have considered if this change warrants user-facing release notes and have added them to RELEASE-NOTES.txt if necessary.

UI Changes Testing Checklist:

  • Portrait and landscape orientations.
  • Light and dark modes.
  • Fonts: Larger, smaller and bold text.
  • High contrast.
  • Talkback.
  • Languages with large words or with letters/accents not frequently used in English.
  • Right-to-left languages. (Even if translation isn’t complete, formatting should still respect the right-to-left layout)
  • Large and small screen sizes. (Tablet and smaller phones)
  • Multi-tasking: Split screen and Pop-up view. (Android 10 or higher)

Sponsorship and Support:

This work is done by the security researchers from OpenRefactory and is supported by the Open Source Security Foundation (OpenSSF): Project Alpha-Omega. Alpha-Omega is a project partnering with open source software project maintainers to systematically find new, as-yet-undiscovered vulnerabilities in open source code - and get them fixed - to improve global software supply chain security.

The bug is found by running the iCR tool by OpenRefactory, Inc. and then manually triaging the results.

@peril-wordpress-mobile
Copy link

peril-wordpress-mobile bot commented Dec 11, 2023

Warnings
⚠️ PR is not assigned to a milestone.

Generated by 🚫 dangerJS

@rng70-or rng70-or changed the title fix: possible null pointer exception on serviceId fix: possible null dereference on serviceId Dec 11, 2023
@rng70-or rng70-or changed the title fix: possible null dereference on serviceId fix: potential null dereference on serviceId Dec 11, 2023
@jkmassel
Copy link
Contributor

jkmassel commented Jul 9, 2024

@ParaskP7 – would you be able to take a look at this?

Thanks!

@ParaskP7
Copy link
Contributor

Sure think @jkmassel , will take a look at it today, thanks for the ping! 👍

@ParaskP7 ParaskP7 self-requested a review July 10, 2024 10:02
@ParaskP7 ParaskP7 added this to the Future milestone Jul 10, 2024
Copy link
Contributor

@ParaskP7 ParaskP7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👋 @rng70-or !

Thank you so much for your contribution to JP/WPAndroid with this PR! 🥇

I have reviewed and indeed it seems that this was an oversight needs fixing. I also triggered CI on it via a draft PR, which I just pushed on the main repo, everything works as expected, thanks for fixing the (potential) NPE and logic for us! 🌟

@ParaskP7 ParaskP7 merged commit 502a11a into wordpress-mobile:trunk Jul 10, 2024
24 checks passed
@ParaskP7
Copy link
Contributor

PS: Apologies for the long wait on that, but this is now done, merged, congrats on your contribution! 🎉 🚀 ❤️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants