Commit 2a2c92b2 authored by Peter E Conn's avatar Peter E Conn Committed by Commit Bot

💸 Protect DigitalGoodsApi from crashing clients.

Android service calls propagate exceptions, so an exception in the TWA
client would be passed over and thrown in Chrome. We don't want a broken
client to be able to crash Chrome, so catch any and all exceptions.

Change-Id: I06025d32505fcc7bd96da70b19ca50b0ddebe54a
Bug: 1096428
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2367066
Commit-Queue: Peter Conn <peconn@chromium.org>
Commit-Queue: Ella Ge <eirage@chromium.org>
Auto-Submit: Peter Conn <peconn@chromium.org>
Reviewed-by: default avatarElla Ge <eirage@chromium.org>
Cr-Commit-Position: refs/heads/master@{#800220}
parent 21809060
...@@ -13,8 +13,8 @@ import static org.chromium.chrome.browser.browserservices.digitalgoods.DigitalGo ...@@ -13,8 +13,8 @@ import static org.chromium.chrome.browser.browserservices.digitalgoods.DigitalGo
import android.net.Uri; import android.net.Uri;
import android.os.Bundle; import android.os.Bundle;
import android.os.RemoteException;
import org.chromium.base.Log;
import org.chromium.chrome.browser.browserservices.TrustedWebActivityClient; import org.chromium.chrome.browser.browserservices.TrustedWebActivityClient;
import org.chromium.components.embedder_support.util.Origin; import org.chromium.components.embedder_support.util.Origin;
import org.chromium.payments.mojom.DigitalGoods.AcknowledgeResponse; import org.chromium.payments.mojom.DigitalGoods.AcknowledgeResponse;
...@@ -28,6 +28,8 @@ import androidx.browser.trusted.TrustedWebActivityServiceConnection; ...@@ -28,6 +28,8 @@ import androidx.browser.trusted.TrustedWebActivityServiceConnection;
* Activity Client. * Activity Client.
*/ */
public class DigitalGoodsAdapter { public class DigitalGoodsAdapter {
private static final String TAG = "DigitalGoods";
public static final String COMMAND_ACKNOWLEDGE = "acknowledge"; public static final String COMMAND_ACKNOWLEDGE = "acknowledge";
public static final String COMMAND_GET_DETAILS = "getDetails"; public static final String COMMAND_GET_DETAILS = "getDetails";
public static final String KEY_SUCCESS = "success"; public static final String KEY_SUCCESS = "success";
...@@ -39,13 +41,20 @@ public class DigitalGoodsAdapter { ...@@ -39,13 +41,20 @@ public class DigitalGoodsAdapter {
} }
public void getDetails(Uri scope, String[] itemIds, GetDetailsResponse callback) { public void getDetails(Uri scope, String[] itemIds, GetDetailsResponse callback) {
// TODO(1096428): Combine this and the below method (the difficulty comes from callback
// being different types).
mClient.connectAndExecute(scope, new TrustedWebActivityClient.ExecutionCallback() { mClient.connectAndExecute(scope, new TrustedWebActivityClient.ExecutionCallback() {
@Override @Override
public void onConnected(Origin origin, TrustedWebActivityServiceConnection service) public void onConnected(Origin origin, TrustedWebActivityServiceConnection service) {
throws RemoteException { // Wrap this call so that crashes in the TWA client don't cause crashes in Chrome.
Bundle result = service.sendExtraCommand(COMMAND_GET_DETAILS, Bundle result = null;
convertGetDetailsParams(itemIds), try {
convertGetDetailsCallback(callback)); result = service.sendExtraCommand(COMMAND_GET_DETAILS,
convertGetDetailsParams(itemIds), convertGetDetailsCallback(callback));
} catch (Exception e) {
Log.w(TAG, "Exception communicating with client.");
returnClientAppError(callback);
}
boolean success = result != null && boolean success = result != null &&
result.getBoolean(KEY_SUCCESS, false); result.getBoolean(KEY_SUCCESS, false);
...@@ -65,11 +74,17 @@ public class DigitalGoodsAdapter { ...@@ -65,11 +74,17 @@ public class DigitalGoodsAdapter {
AcknowledgeResponse callback) { AcknowledgeResponse callback) {
mClient.connectAndExecute(scope, new TrustedWebActivityClient.ExecutionCallback() { mClient.connectAndExecute(scope, new TrustedWebActivityClient.ExecutionCallback() {
@Override @Override
public void onConnected(Origin origin, TrustedWebActivityServiceConnection service) public void onConnected(Origin origin, TrustedWebActivityServiceConnection service) {
throws RemoteException { // Wrap this call so that crashes in the TWA client don't cause crashes in Chrome.
Bundle result = service.sendExtraCommand(COMMAND_ACKNOWLEDGE, Bundle result = null;
try {
result = service.sendExtraCommand(COMMAND_ACKNOWLEDGE,
convertAcknowledgeParams(purchaseToken, makeAvailableAgain), convertAcknowledgeParams(purchaseToken, makeAvailableAgain),
convertAcknowledgeCallback(callback)); convertAcknowledgeCallback(callback));
} catch (Exception e) {
Log.w(TAG, "Exception communicating with client.");
returnClientAppError(callback);
}
boolean success = result != null && boolean success = result != null &&
result.getBoolean(KEY_SUCCESS, false); result.getBoolean(KEY_SUCCESS, false);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment