-
Notifications
You must be signed in to change notification settings - Fork 527
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Custom AndroidMessageHandler.ServerCertificateCustomValidationCallback that returns false may cause application crash while debugging. #8608
Comments
You may run sample code more than one time to crash application. Debugger is required. |
To be clear, the issue is that the exception isn't caught, correct? The exception is expected, but the |
With VS2022 17.8.3 debugger it's going to crash application, after second time running sample code. Without debugger seems works fine. There something strange happens. |
With a debugger, it looks like a crash from an uncaught exception. |
Please provide more information about the crash. We would need the following: Any messages VS shows in either its output/debug/etc panes and screenshots of popup boxes (if any) it produces. Full logcat of the application from the device/emulator. To record it, please follow the steps below:
Please attach |
Here requested addtional info |
Your sample uses an
It might be a bug on the Java side for this particular scenario, or something we don't handle well in our use of the certificate manager. @simonrozsival you have more experience and knowledge about this topic than I do, would you be able to look at this issue? Thanks! |
@grendello I'll have a look |
My observations:
It seems to me that the exception thrown in the TrustManager (https://github.com/xamarin/xamarin-android/blob/main/src/Mono.Android/Xamarin.Android.Net/ServerCertificateCustomValidator.cs#L73) leaves the thread pool thread in an invalid state when debugging and when we try to run some other Task on the thread, the app crashes. If I understand how the Java interop layer works correctly, the exception is transformed from .NET exception to a matching Java exception when transitioning to Java (https://learn.microsoft.com/en-us/dotnet/api/javax.security.cert.certificateexception?view=xamarin-android-sdk-13). Is it possible that this transition from .NET to Java context breaks when debugging? |
@anton-yashin: does it crash in a Release configuration app or when not debugging the app? Cross-VM exception handling in Debug builds is potentially brittle; see also:
From #4548 (comment), if you have a managed method
Emphasis added. The abort you're seeing could be explaind by the JVM callstack being correupted when Your app still fails when not debugging, that would suggest something else is going on, but right now, I believe it's because of our altered exception handling behavior when the debugger is attached. |
@jonpryor: This only happens if the debugger is attached. In release and without debugger seems fine. |
Then as I feared, the only "fix" for now is to not have an unhandled first-chance C# exception, and your having Unfortunately, as per @simonrozsival's image, the exception is being thrown from This can't be easily fixed without additional runtime support. |
Thanks for your time. |
My team seems to be running into this. Are there any other related tickets open? We are just getting organized to look into this. Is there anything we could do to help move things along? |
Would it be possible to raise the Java exception directly through some JNI helper in |
Android application type
.NET Android (net7.0-android, net8.0-android, etc.)
Affected platform version
VS2022 18.3 with .net 34.0.43/8.0.100
Description
When you using AndroidMessageHandler with ServerCertificateCustomValidationCallback that returns false while debugging you may get application crash.
Steps to Reproduce
Sample code:
See sample project in attachment: UnhandledCertificateException.zip
Did you find any workaround?
No response
Relevant log output
No response
The text was updated successfully, but these errors were encountered: