From bcb7c048b5b8bc45d6affd03735dfb3cfd2cd08e Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner
Date: Wed, 22 Jan 2014 21:38:53 -0500
Subject: [PATCH] protect ManageRepo from malformed incoming URIs

URIs can come from clicking a web page, NFC transmission, QR Code scan, and more. This code stops badly formed Uri strings from crashing F-Droid. It then shows a Toast error message that it can't understand the incoming URI.
---
 res/values/strings.xml | 1 +
 src/org/fdroid/fdroid/ManageRepo.java | 16 +++++++++++-----
 2 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/res/values/strings.xml b/res/values/strings.xml
index cb945ff4a..e9bda803d 100644
--- a/res/values/strings.xml
+++ b/res/values/strings.xml
@@ -81,6 +81,7 @@
 This repo is already setup, confirm that you want to re-enable it.
 The incoming repo is already setup and enabled!
 You must first delete this repo before you can add one with a different key!
+ Ignoring malformed repo URI: %s
 The list of used repositories has changed.\nDo you
diff --git a/src/org/fdroid/fdroid/ManageRepo.java b/src/org/fdroid/fdroid/ManageRepo.java
index 765999a76..8bc0735c3 100644
--- a/src/org/fdroid/fdroid/ManageRepo.java
+++ b/src/org/fdroid/fdroid/ManageRepo.java
@@ -226,13 +226,20 @@ class RepoListFragment extends ListFragment
 /* let's see if someone is trying to send us a new repo */
 Intent intent = getActivity().getIntent();
- /* an URL from a click or a QRCode scan */
+ /* an URL from a click, NFC, QRCode scan, etc */
 Uri uri = intent.getData();
 if (uri != null) {
- // scheme should only ever be pure ASCII aka Locale.ENGLISH
- String scheme = intent.getScheme().toLowerCase(Locale.ENGLISH);
+ // scheme and host should only ever be pure ASCII aka Locale.ENGLISH
+ String scheme = intent.getScheme();
+ String host = uri.getHost();
+ if (scheme == null || host == null) {
+ String msg = String.format(getString(R.string.malformed_repo_uri), uri);
+ Toast.makeText(getActivity(), msg, Toast.LENGTH_LONG).show();
+ return;
+ }
+ scheme = scheme.toLowerCase(Locale.ENGLISH);
+ host = host.toLowerCase(Locale.ENGLISH);
 String fingerprint = uri.getUserInfo();
- String host = uri.getHost().toLowerCase(Locale.ENGLISH);
 if (scheme.equals("fdroidrepos") || scheme.equals("fdroidrepo") || scheme.equals("https") || scheme.equals("http")) {
@@ -252,7 +259,6 @@ class RepoListFragment extends ListFragment
 .replace(intent.getScheme(), scheme) // downcase scheme
 .replace("fdroidrepo", "http"); // make proper URL
 showAddRepo(uriString, fingerprint);
- Log.i("ManageRepo", uriString + " fingerprint: " + fingerprint);
 }
 }
 }
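Review bot: The toast built in the first ManageRepo.java hunk with `String.format(getString(R.string.malformed_repo_uri), uri)` echoes the whole incoming URI, which per the commit message can arrive from a web page, NFC or a QR code and is therefore of arbitrary length and content. Bounding what is displayed keeps the message readable, and `getString(int, Object...)` already does the formatting: `String shown = uri.toString(); if (shown.length() > 100) shown = shown.substring(0, 100) + "...";` followed by `String msg = getString(R.string.malformed_repo_uri, shown);` (the limit of 100 is a constructed example). The added `return` leaves the enclosing method, whose start and end are outside this hunk, so it is worth confirming that nothing after the `if (uri != null)` block still has to run when the URI is rejected. The intent data does not appear to be cleared on this path, so the same toast may reappear whenever this code runs again; that is inferred, not visible in the hunk.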