Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -325,4 +325,21 @@ public abstract class BaseCredentialsManager internal constructor(
return "$audience::${sortedScope}"

}

internal inline fun <T> runCatchingOnExecutor(
callback: Callback<T, CredentialsManagerException>,
block: () -> Unit
) {
try {
block()
} catch (t: Throwable) {
if (t is VirtualMachineError || t is ThreadDeath || t is LinkageError) {
throw t
}
Log.e("BaseCredentialsManager", "Unexpected error in executor block", t)
callback.onFailure(
CredentialsManagerException(CredentialsManagerException.Code.UNKNOWN_ERROR, t)
)
Comment on lines +335 to +342

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🩺 Stability & Availability | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Map the relevant file and inspect the target region.
ast-grep outline auth0/src/main/java/com/auth0/android/authentication/storage/BaseCredentialsManager.kt --view expanded || true
wc -l auth0/src/main/java/com/auth0/android/authentication/storage/BaseCredentialsManager.kt
sed -n '300,360p' auth0/src/main/java/com/auth0/android/authentication/storage/BaseCredentialsManager.kt

Repository: auth0/Auth0.Android

Length of output: 3597


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Check whether similar Throwable handling elsewhere in the repo already excludes fatal errors.
rg -n "catch \(t: Throwable\)|catch \([a-zA-Z_]+: Throwable\)|VirtualMachineError|ThreadDeath|LinkageError" auth0/src/main/java/com/auth0/android -S

Repository: auth0/Auth0.Android

Length of output: 281


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Probe Kotlin/JVM semantics for catching fatal errors is not needed; instead inspect API contract/docs if any mention this executor helper.
rg -n "runCatchingOnExecutor|Unexpected error in executor block|UNKNOWN_ERROR|CredentialsManagerException.Code.UNKNOWN_ERROR" auth0/src/main/java/com/auth0/android auth0/README.md auth0/EXAMPLES.md -S

Repository: auth0/Auth0.Android

Length of output: 5250


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect the exact helper and nearby implementations to see whether fatal errors are intentionally converted into callback failures.
sed -n '320,350p' auth0/src/main/java/com/auth0/android/authentication/storage/BaseCredentialsManager.kt
printf '\n---\n'
rg -n "catch \(t: Throwable\)|catch \(e: Exception\)|runCatchingOnExecutor|UNKNOWN_ERROR" auth0/src/main/java/com/auth0/android/authentication/storage -S

Repository: auth0/Auth0.Android

Length of output: 2792


Rethrow fatal JVM errors before mapping Throwable to UNKNOWN_ERROR. VirtualMachineError, ThreadDeath, and LinkageError should escape here instead of being converted into a recoverable callback failure.

Suggested guard
-        } catch (t: Throwable) {
+        } catch (t: Throwable) {
+            if (t is VirtualMachineError || t is ThreadDeath || t is LinkageError) {
+                throw t
+            }
             Log.e("BaseCredentialsManager", "Unexpected error in executor block", t)
             callback.onFailure(
                 CredentialsManagerException(CredentialsManagerException.Code.UNKNOWN_ERROR, t)
             )
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
} catch (t: Throwable) {
Log.e("BaseCredentialsManager", "Unexpected error in executor block", t)
callback.onFailure(
CredentialsManagerException(CredentialsManagerException.Code.UNKNOWN_ERROR, t)
)
} catch (t: Throwable) {
if (t is VirtualMachineError || t is ThreadDeath || t is LinkageError) {
throw t
}
Log.e("BaseCredentialsManager", "Unexpected error in executor block", t)
callback.onFailure(
CredentialsManagerException(CredentialsManagerException.Code.UNKNOWN_ERROR, t)
)
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@auth0/src/main/java/com/auth0/android/authentication/storage/BaseCredentialsManager.kt`
around lines 335 - 339, The catch block in BaseCredentialsManager’s executor
handling is swallowing fatal JVM errors by treating every Throwable as an
UNKNOWN_ERROR callback failure. Update the Throwable handling in this block to
rethrow VirtualMachineError, ThreadDeath, and LinkageError before the Log.e and
callback.onFailure path, so only non-fatal exceptions are mapped to
CredentialsManagerException.Code.UNKNOWN_ERROR.

}
}
}
Loading
Loading