Different from question #220.
We're doing a study. We use the fuzzing method to simulate the network response data. For example, when the app receives network API response data from the server or network, we will replace it with 404, null and random data.
A very simple example:
normal data :Value=”hello” -----fuzzing-----> simulated data :Value=null or network request fails(404、503) or Value=”heee”(random data) or Value=""(empty) , etc.
Description information:
We find that mobile apps are prone to crashes due to a network issue, mainly because successful network API calls return unexpected or no data.
And we found that when this app's network returned data is null or some fields are null (JSON format) , or is empty, or the network request fails (status code is 404/503), or a random value , the app has crashed.
Environment Info:
APK version 1.0.47 (1047)
Simulator AndroidOS Version = “6.0.1”
crash information:
All of the following crash problems are caused by fuzzing data
java.lang.NullPointerException: Attempt to invoke interface method 'java.lang.Object[] java.util.Collection.toArray()' on a null object reference
at java.util.ArrayList.addAll
(ArrayList.java:188)
at net.schueller.peertube.adapter.VideoAdapter.setData(VideoAdapter.java:157)
at net.schueller.peertube.activity.VideoListActivity$5.onResponse
(VideoListActivity.java:351)
at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71)
at android.os.Handler.handleCallback
(Handler.java:739)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:148)
at android.app.ActivityThread.main
(ActivityThread.java:5539)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745)
at
com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
java.lang.NullPointerException: Attempt to invoke interface method 'java.lang.Object[] java.util.Collection.toArray()' on a null object reference
at java.util.ArrayList.addAll(ArrayList.java:188)
at net.schueller.peertube.adapter.VideoAdapter.setData(VideoAdapter.java:157)
at net.schueller.peertube.activity.AccountActivity$2.onResponse(AccountActivity.java:246)
at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71)
at android.os.Handler.handleCallback(Handler.java:739)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:148)
at android.app.ActivityThread.main(ActivityThread.java:5539)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
java.lang.NullPointerException: Attempt to invoke virtual method 'long java.util.Date.getTime()' on a null object reference
at net.schueller.peertube.helper.MetaDataHelper.getMetaString(MetaDataHelper.java:40)
at net.schueller.peertube.fragment.VideoMetaDataFragment.updateVideoMeta(VideoMetaDataFragment.java:175)
at net.schueller.peertube.fragment.VideoPlayerFragment.playVideo(VideoPlayerFragment.java:219)
at net.schueller.peertube.fragment.VideoPlayerFragment.access$400(VideoPlayerFragment.java:78)
at net.schueller.peertube.fragment.VideoPlayerFragment$2.onResponse(VideoPlayerFragment.java:192)
at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71)
at android.os.Handler.handleCallback(Handler.java:739)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:148)
at android.app.ActivityThread.main(ActivityThread.java:5539)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
java.lang.NullPointerException: Attempt to invoke virtual method 'net.schueller.peertube.model.Avatar net.schueller.peertube.model.Account.getAvatar()' on a null object reference
at net.schueller.peertube.fragment.VideoMetaDataFragment.updateVideoMeta(VideoMetaDataFragment.java:157)
at net.schueller.peertube.fragment.VideoPlayerFragment.playVideo(VideoPlayerFragment.java:219)
at net.schueller.peertube.fragment.VideoPlayerFragment.access$400(VideoPlayerFragment.java:78)
at net.schueller.peertube.fragment.VideoPlayerFragment$2.onResponse(VideoPlayerFragment.java:192)
at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71)
at android.os.Handler.handleCallback(Handler.java:739)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:148)
at android.app.ActivityThread.main(ActivityThread.java:5539)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
Five:crashActivity=net.schueller.peertube.activity.ServerAddressBookActivity
:
java.lang.NullPointerException: Attempt to invoke interface method 'java.lang.Object[] java.util.Collection.toArray()' on a null object reference
at java.util.ArrayList.addAll(ArrayList.java:188)
at net.schueller.peertube.adapter.ServerSearchAdapter.setData(ServerSearchAdapter.java:145)
at net.schueller.peertube.activity.SearchServerActivity$2.onResponse(SearchServerActivity.java:154)
at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71)
at android.os.Handler.handleCallback(Handler.java:739)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:148)
at android.app.ActivityThread.main(ActivityThread.java:5539)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
Finally:
The cause of the program crash may be that the network response data is not handled properly in the code. Such as, developers probably ignore the fact that data is null.
Although this kind of collapse is relatively rare, it is also worthy of attention.
If you have confirmed or fixed this problem, please give me a reply, thank you!
---
Want to back this issue? **[Post a bounty on it!](https://www.bountysource.com/issues/92611804-network-api-response-data-crashes-issue?utm_campaign=plugin&utm_content=tracker%2F89466969&utm_medium=issues&utm_source=github)** We accept bounties via [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F89466969&utm_medium=issues&utm_source=github).
Different from question #220. We're doing a study. We use the fuzzing method to simulate the network response data. For example, when the app receives network API response data from the server or network, we will replace it with 404, null and random data.
A very simple example:
normal data :Value=”hello” -----fuzzing-----> simulated data :Value=null or network request fails(404、503) or Value=”heee”(random data) or Value=""(empty) , etc.
Description information: We find that mobile apps are prone to crashes due to a network issue, mainly because successful network API calls return unexpected or no data. And we found that when this app's network returned data is null or some fields are null (JSON format) , or is empty, or the network request fails (status code is 404/503), or a random value , the app has crashed.
Environment Info: APK version 1.0.47 (1047) Simulator AndroidOS Version = “6.0.1”
crash information: All of the following crash problems are caused by fuzzing data
one:
crashActivity=net.schueller.peertube.activity.VideoListActivity
java.lang.NullPointerException: Attempt to invoke interface method 'java.lang.Object[] java.util.Collection.toArray()' on a null object reference at java.util.ArrayList.addAll (ArrayList.java:188) at net.schueller.peertube.adapter.VideoAdapter.setData(VideoAdapter.java:157) at net.schueller.peertube.activity.VideoListActivity$5.onResponse (VideoListActivity.java:351) at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71) at android.os.Handler.handleCallback (Handler.java:739) at android.os.Handler.dispatchMessage(Handler.java:95) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main (ActivityThread.java:5539) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745) at
com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
Two: crashActivity=net.schueller.peertube.activity.AccountActivity
java.lang.NullPointerException: Attempt to invoke interface method 'java.lang.Object[] java.util.Collection.toArray()' on a null object reference at java.util.ArrayList.addAll(ArrayList.java:188) at net.schueller.peertube.adapter.VideoAdapter.setData(VideoAdapter.java:157) at net.schueller.peertube.activity.AccountActivity$2.onResponse(AccountActivity.java:246) at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71) at android.os.Handler.handleCallback(Handler.java:739) at android.os.Handler.dispatchMessage(Handler.java:95) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:5539) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
Three: crashActivity=net.schueller.peertube.activity.VideoPlayActivity
java.lang.NullPointerException: Attempt to invoke virtual method 'long java.util.Date.getTime()' on a null object reference at net.schueller.peertube.helper.MetaDataHelper.getMetaString(MetaDataHelper.java:40) at net.schueller.peertube.fragment.VideoMetaDataFragment.updateVideoMeta(VideoMetaDataFragment.java:175) at net.schueller.peertube.fragment.VideoPlayerFragment.playVideo(VideoPlayerFragment.java:219) at net.schueller.peertube.fragment.VideoPlayerFragment.access$400(VideoPlayerFragment.java:78) at net.schueller.peertube.fragment.VideoPlayerFragment$2.onResponse(VideoPlayerFragment.java:192) at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71) at android.os.Handler.handleCallback(Handler.java:739) at android.os.Handler.dispatchMessage(Handler.java:95) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:5539) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
Four: crashActivity=net.schueller.peertube.activity.VideoPlayActivity
java.lang.NullPointerException: Attempt to invoke virtual method 'net.schueller.peertube.model.Avatar net.schueller.peertube.model.Account.getAvatar()' on a null object reference at net.schueller.peertube.fragment.VideoMetaDataFragment.updateVideoMeta(VideoMetaDataFragment.java:157) at net.schueller.peertube.fragment.VideoPlayerFragment.playVideo(VideoPlayerFragment.java:219) at net.schueller.peertube.fragment.VideoPlayerFragment.access$400(VideoPlayerFragment.java:78) at net.schueller.peertube.fragment.VideoPlayerFragment$2.onResponse(VideoPlayerFragment.java:192) at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71) at android.os.Handler.handleCallback(Handler.java:739) at android.os.Handler.dispatchMessage(Handler.java:95) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:5539) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
Five: crashActivity=net.schueller.peertube.activity.ServerAddressBookActivity : java.lang.NullPointerException: Attempt to invoke interface method 'java.lang.Object[] java.util.Collection.toArray()' on a null object reference at java.util.ArrayList.addAll(ArrayList.java:188) at net.schueller.peertube.adapter.ServerSearchAdapter.setData(ServerSearchAdapter.java:145) at net.schueller.peertube.activity.SearchServerActivity$2.onResponse(SearchServerActivity.java:154) at retrofit2.ExecutorCallAdapterFactory$ExecutorCallbackCall$1$1.run(ExecutorCallAdapterFactory.java:71) at android.os.Handler.handleCallback(Handler.java:739) at android.os.Handler.dispatchMessage(Handler.java:95) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:5539) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:745) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:635)
Finally: The cause of the program crash may be that the network response data is not handled properly in the code. Such as, developers probably ignore the fact that data is null. Although this kind of collapse is relatively rare, it is also worthy of attention. If you have confirmed or fixed this problem, please give me a reply, thank you!