fix: harden android helper manifest and traversal

thymikee · thymikee · commit eeaa1aa93b65 · 2026-04-27T11:05:19.000-04:00
diff --git a/android-snapshot-helper/src/main/java/com/callstack/agentdevice/snapshothelper/SnapshotInstrumentation.java b/android-snapshot-helper/src/main/java/com/callstack/agentdevice/snapshothelper/SnapshotInstrumentation.java
@@ -156,8 +156,14 @@ private static int appendInteractiveWindowRoots(
         if (root == null) {
           continue;
         }
-        appendNode(xml, root, windowCount, 0, maxDepth, maxNodes, stats);
+        StringBuilder windowXml = new StringBuilder();
+        CaptureStats windowStats = stats.copy();
+        appendNode(windowXml, root, windowCount, 0, maxDepth, maxNodes, windowStats);
+        xml.append(windowXml);
+        stats.copyFrom(windowStats);
         windowCount += 1;
+      } catch (RuntimeException ignored) {
+        // Accessibility windows can disappear while traversing; keep the rest of the snapshot.
       } finally {
         if (root != null) {
           root.recycle();
@@ -249,8 +255,11 @@ private static void appendNode(
       if (child == null) {
         continue;
       }
-      appendNode(xml, child, index, depth + 1, maxDepth, maxNodes, stats);
-      child.recycle();
+      try {
+        appendNode(xml, child, index, depth + 1, maxDepth, maxNodes, stats);
+      } finally {
+        child.recycle();
+      }
     }
     xml.append("</node>");
   }
@@ -332,6 +341,18 @@ private static int readIntArgument(Bundle arguments, String name, int fallback)
   private static final class CaptureStats {
     int nodeCount;
     boolean truncated;
+
+    CaptureStats copy() {
+      CaptureStats next = new CaptureStats();
+      next.nodeCount = nodeCount;
+      next.truncated = truncated;
+      return next;
+    }
+
+    void copyFrom(CaptureStats next) {
+      nodeCount = next.nodeCount;
+      truncated = next.truncated;
+    }
   }
 
   private static final class CaptureResult {
diff --git a/src/platforms/android/__tests__/snapshot-helper.test.ts b/src/platforms/android/__tests__/snapshot-helper.test.ts
@@ -21,7 +21,7 @@ const manifest: AndroidSnapshotHelperManifest = {
   name: 'android-snapshot-helper',
   version: '0.13.3',
   apkUrl: null,
-  sha256: 'abc123',
+  sha256: 'a'.repeat(64),
   packageName: 'com.callstack.agentdevice.snapshothelper',
   versionCode: 13003,
   instrumentationRunner: 'com.callstack.agentdevice.snapshothelper/.SnapshotInstrumentation',
@@ -435,6 +435,16 @@ test('parseAndroidSnapshotHelperManifest validates manifest shape', () => {
   assert.throws(() => parseAndroidSnapshotHelperManifest({ ...manifest, installArgs: ['shell'] }), {
     message: 'Android snapshot helper manifest installArgs must start with "install".',
   });
+  assert.throws(() => parseAndroidSnapshotHelperManifest({ ...manifest, sha256: 'not-a-sha' }), {
+    message: 'Android snapshot helper manifest sha256 must be a 64-character hex string.',
+  });
+  assert.equal(
+    parseAndroidSnapshotHelperManifest({
+      ...manifest,
+      sha256: ` ${sha256Text('helper-apk').toUpperCase()} `,
+    }).sha256,
+    sha256Text('helper-apk'),
+  );
 });
 
 function helperOutput(options: { chunks: string[]; result: Record<string, string> }): string {
diff --git a/src/platforms/android/__tests__/snapshot.test.ts b/src/platforms/android/__tests__/snapshot.test.ts
@@ -41,7 +41,7 @@ const helperManifest: AndroidSnapshotHelperManifest = {
   name: 'android-snapshot-helper',
   version: '0.13.3',
   apkUrl: null,
-  sha256: 'abc123',
+  sha256: 'a'.repeat(64),
   packageName: 'com.callstack.agentdevice.snapshothelper',
   versionCode: 13003,
   instrumentationRunner: 'com.callstack.agentdevice.snapshothelper/.SnapshotInstrumentation',
diff --git a/src/platforms/android/snapshot-helper.ts b/src/platforms/android/snapshot-helper.ts
@@ -492,7 +492,7 @@ export function parseAndroidSnapshotHelperManifest(value: unknown): AndroidSnaps
     releaseTag: readOptionalString(record.releaseTag),
     assetName: readOptionalString(record.assetName),
     apkUrl: readOptionalNullableString(record.apkUrl, 'apkUrl'),
-    sha256: readString(record.sha256, 'sha256').toLowerCase(),
+    sha256: readSha256(record.sha256),
     checksumName: readOptionalString(record.checksumName),
     packageName: readString(record.packageName, 'packageName'),
     versionCode: readNumber(record.versionCode, 'versionCode'),
@@ -531,6 +531,17 @@ function readAndroidSnapshotHelperManifestInstallArgs(value: unknown): string[]
   return installArgs;
 }
 
+function readSha256(value: unknown): string {
+  const sha256 = readString(value, 'sha256').trim().toLowerCase();
+  if (sha256.length !== 64 || !isLowerHex(sha256)) {
+    throw new AppError(
+      'INVALID_ARGS',
+      'Android snapshot helper manifest sha256 must be a 64-character hex string.',
+    );
+  }
+  return sha256;
+}
+
 async function readInstalledVersionCode(
   adb: AndroidAdbExecutor,
   packageName: string,
@@ -770,3 +781,13 @@ function readStringArray(value: unknown, field: string): string[] {
   }
   return value;
 }
+
+function isLowerHex(value: string): boolean {
+  for (const char of value) {
+    const code = char.charCodeAt(0);
+    const isDigit = code >= 48 && code <= 57;
+    const isLowerHexLetter = code >= 97 && code <= 102;
+    if (!isDigit && !isLowerHexLetter) return false;
+  }
+  return true;
+}
