[TIMOB-26988] iOS: Code is evaluated incorrectly, causing hard crashes
| GitHub Issue | n/a |
|---|---|
| Type | Bug |
| Priority | None |
| Status | Open |
| Resolution | Unresolved |
| Affected Version/s | Release 8.0.0, Release 8.1.0 |
| Fix Version/s | n/a |
| Components | iOS |
| Labels | n/a |
| Reporter | Hans Knöchel |
| Assignee | Unknown |
| Created | 2019-04-19T09:03:21.000+0000 |
| Updated | 2020-04-27T16:54:42.000+0000 |
Description
We are receiving some very rare hard crashes that are identified by incorrect proxies being passed to functions. This is really really critical since Titanium for example tries to add a list-view-section to a tabgroup via
tabGroup.tabs = xxxx instead of the actual array of tabs. Here is the error:
[ERROR] Unhandled promise rejection {
[ERROR] column = 86;
[ERROR] line = 73;
[ERROR] message = "Invalid type passed to function";
[ERROR] nativeLocation = "-[TiUITabGroupProxy setTabs:] (TiUITabGroupProxy.m:117)";
[ERROR] nativeReason = "expected: TiUITabProxy, was: TiUIListSectionProxy";
[ERROR] nativeStack = "3 MyApp0x000000010963bd21 -[TiUITabGroupProxy setTabs:] + 1297\n4 Foundation 0x00000001111b7562 -[NSObject(NSKeyValueCoding) setValue:forKey:] + 289\n5 TitaniumKit0x000000011303085f -[TiProxy setValuesForKeysWithDictionary:] + 1558\n6 TitaniumKit0x000000011301083d -[TiViewProxy _initWithProperties:] + 1338\n7 MyApp0x000000010963aee4 -[TiUITabGroupProxy _initWithProperties:] + 260\n8 TitaniumKit0x000000011302e118 -[TiProxy _initWithPageContext:args:] + 335\n9 TitaniumKit0x0000000112fda375 -[TiModule createProxy:forName:context:] + 409\n10 CoreFoundation 0x0000000113ea94cc __invoking___ + 140\n11 CoreFoundation 0x0000000113ea6a45 -[NSInvocation invoke] + 325\n12 TitaniumKit0x000000011302c835 -[KrollMethod call:] + 606\n13 TitaniumKit0x000000011302bc88 __KrollCallAsFunction_block_invoke + 30\n14 TitaniumKit0x000000011302ba94 KrollCallAsFunction + 496\n15 JavaScriptCore 0x000000010ad6f8d3 _ZN3JSC16JSCallbackObjectINS_20JSDestructibleObjectEE4callEPNS_9ExecStateE + 515\n16 JavaScriptCore 0x000000010b2154fc _ZN3JSC5LLInt9setUpCallEPNS_9ExecStateENS_22CodeSpecializationKindENS_7JSValueEPNS_17LLIntCallLinkInfoE + 380\n17 JavaScriptCore 0x000000010ad3ab63 llint_entry + 61648\n18 JavaScriptCore 0x000000010ad3b28d llint_entry + 63482\n19 JavaScriptCore 0x000000010ad3ab71 llint_entry + 61662";
[ERROR] sourceURL = "file:///Users/hans/Library/Developer/CoreSimulator/Devices/DF26791D-8718-4925-B10A-A5790E017287/data/Containers/Bundle/Application/04C25071-87A3-4B4C-B66C-ABB7DC337252/MyApp.app/alloy/controllers/container.js";
[ERROR] stack = " at [native code]\n at Controller(/alloy/controllers/container.js:73:86)\n at createController(/alloy.js:339:53)\n at openProtectedArea(/alloy/controllers/auth/login.js:350:51)\n at onLogin(/alloy/controllers/auth/login.js:340:22)\n at (/alloy/controllers/auth/login.js:254:16)\n at _callee3$(/login-manager.js:240:33)\n at tryCatch(/ti.main.js:3994:23)\n at invoke(/ti.main.js:4221:32)\n at asyncGeneratorStep(/login-manager.js:3:250)\n at _next(/login-manager.js:3:606)\n at run(/ti.main.js:1662:29)\n at (/ti.main.js:1683:10)\n at flush(/ti.main.js:1487:11)\n at promiseReactionJob@[native code])";
[ERROR] toJSON = "<KrollCallback: 0x600003cc49c0>";
[ERROR] }
Ti.UI.ListSection to the Ti.UI.TabGroup. Titanium seems to evaluate proxies incorrectly. Since this can affect every part of our app and likely cause security issues as well, we expect immediate validation on this.
No comments