Found 3 Fatal Exception Crashes from Testing

[skngo1]

Hi! I'm a student researcher currently working on a project in the area of Android app analysis. As a part of the work centered around Intents, I found 3 bugs that resulted in crashes after analyzing logs/execution traces. Below are the relevant activities, traces, and adb commands that triggered the crashes.

These bugs may be hidden in unexposed Activities, but they are worth investigating into to prevent potential issues down the line and addressing to improve the overall robustness and quality. If anyone can be confirm these to be valid bugs first, I would appreciate it, and I can help provide more information as needed.

1. de.syss.MifareClassicTool.Activities.ValueBlocksToInt

Execution trace:

--------- beginning of crash
E AndroidRuntime: FATAL EXCEPTION: main
E AndroidRuntime: Process: de.syss.MifareClassicTool, PID: 14705
E AndroidRuntime: java.lang.RuntimeException: Unable to start activity ComponentInfo{de.syss.MifareClassicTool/de.syss.MifareClassicTool.Activities.ValueBlocksToInt}: java.lang.NullPointerException: Attempt to get length of null array
E AndroidRuntime: 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2913)
E AndroidRuntime: 	at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3048)
E AndroidRuntime: 	at android.app.servertransaction.LaunchActivityItem.execute(LaunchActivityItem.java:78)
E AndroidRuntime: 	at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:108)
E AndroidRuntime: 	at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:68)
E AndroidRuntime: 	at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1808)
E AndroidRuntime: 	at android.os.Handler.dispatchMessage(Handler.java:106)
E AndroidRuntime: 	at android.os.Looper.loop(Looper.java:193)
E AndroidRuntime: 	at android.app.ActivityThread.main(ActivityThread.java:6669)
E AndroidRuntime: 	at java.lang.reflect.Method.invoke(Native Method)
E AndroidRuntime: 	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
E AndroidRuntime: 	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858)
E AndroidRuntime: Caused by: java.lang.NullPointerException: Attempt to get length of null array
E AndroidRuntime: 	at de.syss.MifareClassicTool.Activities.ValueBlocksToInt.onCreate(ValueBlocksToInt.java:70)
E AndroidRuntime: 	at android.app.Activity.performCreate(Activity.java:7136)
E AndroidRuntime: 	at android.app.Activity.performCreate(Activity.java:7127)
E AndroidRuntime: 	at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1271)
E AndroidRuntime: 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2893)
E AndroidRuntime: 	... 11 more

adb command that triggers it:

adb shell su 0 am start -n "de.syss.MifareClassicTool/de.syss.MifareClassicTool.Activities.ValueBlocksToInt" --es de.syss.MifareClassicTool.Activity.VB AAA

2. de.syss.MifareClassicTool.Activities.AccessConditionDecoder

Execution trace:

--------- beginning of crash
E AndroidRuntime: FATAL EXCEPTION: main
E AndroidRuntime: Process: de.syss.MifareClassicTool, PID: 15049
E AndroidRuntime: java.lang.RuntimeException: Unable to start activity ComponentInfo{de.syss.MifareClassicTool/de.syss.MifareClassicTool.Activities.AccessConditionDecoder}: java.lang.NullPointerException: Attempt to get length of null array
E AndroidRuntime: 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2913)
E AndroidRuntime: 	at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3048)
E AndroidRuntime: 	at android.app.servertransaction.LaunchActivityItem.execute(LaunchActivityItem.java:78)
E AndroidRuntime: 	at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:108)
E AndroidRuntime: 	at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:68)
E AndroidRuntime: 	at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1808)
E AndroidRuntime: 	at android.os.Handler.dispatchMessage(Handler.java:106)
E AndroidRuntime: 	at android.os.Looper.loop(Looper.java:193)
E AndroidRuntime: 	at android.app.ActivityThread.main(ActivityThread.java:6669)
E AndroidRuntime: 	at java.lang.reflect.Method.invoke(Native Method)
E AndroidRuntime: 	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
E AndroidRuntime: 	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858)
E AndroidRuntime: Caused by: java.lang.NullPointerException: Attempt to get length of null array
E AndroidRuntime: 	at de.syss.MifareClassicTool.Activities.AccessConditionDecoder.onCreate(AccessConditionDecoder.java:71)
E AndroidRuntime: 	at android.app.Activity.performCreate(Activity.java:7136)
E AndroidRuntime: 	at android.app.Activity.performCreate(Activity.java:7127)
E AndroidRuntime: 	at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1271)
E AndroidRuntime: 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2893)
E AndroidRuntime: 	... 11 more

adb command that triggers it:

adb shell su 0 am start -n "de.syss.MifareClassicTool/de.syss.MifareClassicTool.Activities.AccessConditionDecoder" --es de.syss.MifareClassicTool.Activity.AC AAA 

3. de.syss.MifareClassicTool.Activities.DiffTool

Execution trace:

--------- beginning of crash
E AndroidRuntime: FATAL EXCEPTION: main
E AndroidRuntime: Process: de.syss.MifareClassicTool, PID: 14935
E AndroidRuntime: java.lang.RuntimeException: Unable to start activity ComponentInfo{de.syss.MifareClassicTool/de.syss.MifareClassicTool.Activities.DiffTool}: java.lang.NullPointerException: Attempt to get length of null array
E AndroidRuntime: 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2913)
E AndroidRuntime: 	at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3048)
E AndroidRuntime: 	at android.app.servertransaction.LaunchActivityItem.execute(LaunchActivityItem.java:78)
E AndroidRuntime: 	at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:108)
E AndroidRuntime: 	at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:68)
E AndroidRuntime: 	at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1808)
E AndroidRuntime: 	at android.os.Handler.dispatchMessage(Handler.java:106)
E AndroidRuntime: 	at android.os.Looper.loop(Looper.java:193)
E AndroidRuntime: 	at android.app.ActivityThread.main(ActivityThread.java:6669)
E AndroidRuntime: 	at java.lang.reflect.Method.invoke(Native Method)
E AndroidRuntime: 	at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
E AndroidRuntime: 	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858)
E AndroidRuntime: Caused by: java.lang.NullPointerException: Attempt to get length of null array
E AndroidRuntime: 	at de.syss.MifareClassicTool.Activities.DiffTool.convertDumpFormat(DiffTool.java:305)
E AndroidRuntime: 	at de.syss.MifareClassicTool.Activities.DiffTool.onCreate(DiffTool.java:81)
E AndroidRuntime: 	at android.app.Activity.performCreate(Activity.java:7136)
E AndroidRuntime: 	at android.app.Activity.performCreate(Activity.java:7127)
E AndroidRuntime: 	at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1271)
E AndroidRuntime: 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2893)
E AndroidRuntime: 	... 11 more

adb command that triggers it:

adb shell su 0 am start -n "de.syss.MifareClassicTool/de.syss.MifareClassicTool.Activities.DiffTool" --es de.syss.MifareClassicTool.Activity.DUMP AAA 

[ikarus23]

Hi! Thank you for reporting this. Once I will find some free time I will have a closer look.

Good luck with your student project. Looking forward to new open source Android app analysis tool ;)