fix(DefaultUIController): guard SSL-error dialog against finishing activity (#1065)#1081
fix(DefaultUIController): guard SSL-error dialog against finishing activity (#1065)#1081jim-daf wants to merge 1 commit intoJustson:androidxfrom
Conversation
…tivity (Justson#1065) Resolves Justson#1065 The crash reported in Justson#1065 is a WindowManager$BadTokenException raised from DefaultUIController.onShowSslCertificateErrorDialog when AlertDialog is shown after the hosting Activity has already started its finishing/destroyed teardown. The WebView delivers SSL error callbacks on the main thread and there is no guarantee the cached mActivity is still in a state where it can host a dialog. This change short-circuits the path when the activity is null, finishing, or destroyed, calling handler.cancel() in that case so we fail safe rather than crash. The same check is repeated immediately before AlertDialog.show(), and the show() call itself is wrapped in a try/catch for the residual race where the activity transitions between our last check and the platform call.
jim-daf
changed the title
jim-daf
force-pushed
the
fix/security-issue-1065
branch
from
302a5dc to
40aa5c0
Compare
There was a problem hiding this comment.
Pull request overview
Fixes a crash (WindowManager$BadTokenException) when showing the SSL certificate error dialog after the hosting Activity has begun finishing/destroying (Issue #1065), by failing safe (cancelling the SSL request) when UI can’t be safely shown.
Changes:
- Adds an early guard to cancel the SSL request if the
Activityis null/finishing/destroyed before building the dialog. - Adds a second guard immediately before
show()to reduce the race window. - Wraps
AlertDialog.show()in atry/catchto safely handle residualBadTokenException/IllegalStateExceptioncases.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| if (mActivity == null || mActivity.isFinishing() | ||
| || (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR1 && mActivity.isDestroyed())) { | ||
| handler.cancel(); | ||
| return; | ||
| } |
There was a problem hiding this comment.
Elsewhere in this class you copy this.mActivity into a local Activity mActivity before checking/using it (e.g., onLoading()), which avoids repeated field reads and makes the null/finishing/destroyed checks consistent. Here the method uses the field directly and later calls mActivity.isFinishing() again without a null check; consider adopting the same local-variable pattern (and include activity == null in the second guard) for consistency and to avoid potential NPEs if mActivity changes.
Guard the SSL-error dialog against a finishing/destroyed activity
Resolves #1065 -
WindowManager$BadTokenExceptionfromDefaultUIController.onShowSslCertificateErrorDialog.What was happening
The crash trace in the issue ends in
AlertDialog$Builder.show(...)fromDefaultUIController.onShowSslCertificateErrorDialog. The reporter notesthat the surrounding methods (e.g.
onLoading,onCancelLoading) alreadyguard against
Activity#isFinishing, butonShowSslCertificateErrorDialogdid not. Because
WebViewdeliversonReceivedSslErroron the main threadasynchronously,
mActivitymay have started its finish/destroy teardownbefore the dialog is shown, and adding a window with a stale token throws
BadTokenException.Fix
agentweb-core/src/main/java/com/just/agentweb/DefaultUIController.java:handler.cancel()ifmActivityisnull,isFinishing(), or (API ≥17)isDestroyed().AlertDialog.show()to closethe small race between building the dialog and showing it.
show()call in atry/catchforWindowManager.BadTokenExceptionandIllegalStateExceptionso anyresidual race fails safely rather than crashing.
Failing safe means cancelling the SSL request, i.e. not silently
accepting an untrusted certificate when we can't ask the user.