Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 421843

Summary: [WebClient] Null pointer crash when User-Agent is not recognized
Product: [RT] RAP Reporter: Ralf Sternberg <rsternberg>
Component: RWTAssignee: Project Inbox <rap-inbox>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P1    
Version: 2.2   
Target Milestone: 2.2 RC1   
Hardware: PC   
OS: Linux   
Whiteboard:

Description Ralf Sternberg CLA 2013-11-15 10:29:00 EST 
When IE recently changed its User-Agent string, our webclient ran into a null pointer crash (bug 421529). The offending statement was likely in Client.js, line 361, or a similar construct:

    var language = ( this._engineName.indexOf( "mshtml" ) !== -1 )
        ? navigator.userLanguage
        : navigator.language;

Since the browser identification leaves the field _engineName at null, the indexOf is a null pointer access. Either the init code should never leave browser identification fields at null or these fields must never be accessed in this way (I'd prefer the first).

At any rate, we must ensure that the client does not crash just because the client sends an unknown User-Agent. We don't know all browsers, especially not future versions. Moreover, some browsers allow customizing the User-Agent string.

Set it to P1 as this issue affects the robustness of our web client.
Comment 1 Ivan Furnadjiev CLA 2013-11-18 03:52:39 EST 
Fixed in master with commit cdec2240546aa867dc6d4aede45150ab5f08f2a6. Initialize _engineName and _browserName with "unknown" instead of null.
Comment 2 Ralf Sternberg CLA 2013-11-19 10:26:40 EST 
The idea of this bug was to make the client more robust in case of an unknown User-Agent string. This commit solves the exact crash described here, but when setting a custom User-Agent string (e.g. "funny browser") in the browser, the web client still crashes elsewhere (bug 422068).

I agree that the commit is an improvement and we should keep it. However, as it does not solve the original problem, I think that backporting this change alone doesn't make sense.