Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent potential SHA-1 hash mismatch in Bugsnag-Integrity header for session requests #1043

Merged
merged 1 commit into from
Dec 14, 2020
Merged

Prevent potential SHA-1 hash mismatch in Bugsnag-Integrity header for session requests #1043

merged 1 commit into from
Dec 14, 2020

Conversation

fractalwrench
Copy link
Contributor

@fractalwrench fractalwrench commented Dec 11, 2020
edited
Loading

Goal

Prevents a SHA-1 hash mismatch when the React Native notifier changes the notifier field on startup. Because the Android notifier assigns the event payload value by reference from Client#notifier, the request payload can change between generating a SHA-1 hash and making the request.

Changeset

Copied the notifier parameter when constructing a Session, so that it does not hold a copy of global state.

Testing

Added unit test to verify that the notifier property is always copied when constructing a Session.

@fractalwrench fractalwrench force-pushed the PLAT-5579/integrity-header-sessions branch from 12add8b to b77cbaa Compare December 11, 2020 15:43
@bugsnagbot
Copy link
Collaborator

bugsnagbot commented Dec 11, 2020
edited
Loading

Android notifier sizes

Format Size impact of Bugsnag (kB) Size impact of Bugsnag when Minified (kB)
APK 1441.52 1361.29
arm64_v8a 369.24 287.32
armeabi 348.77 266.85
armeabi_v7a 332.39 250.47
x86 410.19 328.27
x86_64 389.72 307.81

Generated by 🚫 Danger

@fractalwrench fractalwrench force-pushed the PLAT-5579/integrity-header-sessions branch from b77cbaa to f3a6703 Compare December 11, 2020 16:08
@fractalwrench fractalwrench merged commit 35ca225 into next Dec 14, 2020
@fractalwrench fractalwrench deleted the PLAT-5579/integrity-header-sessions branch December 14, 2020 09:59
@fractalwrench fractalwrench mentioned this pull request Dec 14, 2020
Merged
@bengourley bengourley mentioned this pull request Dec 14, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tomlongridge tomlongridge tomlongridge approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fractalwrench @bugsnagbot @tomlongridge