Fix Invalid JSON Crash (#323)

* Fix Invalid JSON Crash

• Fixes a rare crash during registration, suspected to be caused by invalid JSON in tags (first issue #322 )
• Adds JSON validation to all requests
• Fixes unit tests, which were failing around 30% of the time due to concurrency issues
• Fixes nil device_model crash (second issue in #322 )
• Adds a test to ensure invalid JSON won't cause a crash

Author: Nightsd01

iOS_SDK/OneSignalSDK/Source/OneSignal.m

@@ -624,9 +624,9 @@ + (void)sendTagsWithJsonString:(NSString*)jsonString {
 
     NSData* data = [jsonString dataUsingEncoding:NSUTF8StringEncoding];
     NSDictionary* keyValuePairs = [NSJSONSerialization JSONObjectWithData:data options:kNilOptions error:&jsonError];
-    if (jsonError == nil)
+    if (jsonError == nil) {
         [self sendTags:keyValuePairs];
-    else {
+    } else {
         onesignal_Log(ONE_S_LL_WARN,[NSString stringWithFormat: @"sendTags JSON Parse Error: %@", jsonError]);
         onesignal_Log(ONE_S_LL_WARN,[NSString stringWithFormat: @"sendTags JSON Parse Error, JSON: %@", jsonString]);
     }
@@ -638,6 +638,18 @@ + (void)sendTags:(NSDictionary*)keyValuePair {
 
 + (void)sendTags:(NSDictionary*)keyValuePair onSuccess:(OSResultSuccessBlock)successBlock onFailure:(OSFailureBlock)failureBlock {
 
+    if (![NSJSONSerialization isValidJSONObject:keyValuePair]) {
+        onesignal_Log(ONE_S_LL_WARN, [NSString stringWithFormat:@"sendTags JSON Invalid: The following key/value pairs you attempted to send as tags are not valid JSON: %@", keyValuePair]);
+        return;
+    }
+    
+    for (NSString *key in [keyValuePair allKeys]) {
+        if ([keyValuePair[key] isKindOfClass:[NSDictionary class]]) {
+            onesignal_Log(ONE_S_LL_WARN, @"sendTags Tags JSON must not contain nested objects");
+            return;
+        }
+    }
+    
     if (tagsToSend == nil)
         tagsToSend = [keyValuePair mutableCopy];
     else
@@ -983,7 +995,6 @@ + (void)registerUserInternal {
 
     let dataDic = [NSMutableDictionary dictionaryWithObjectsAndKeys:
                    app_id, @"app_id",
-                   deviceModel, @"device_model",
                    [[UIDevice currentDevice] systemVersion], @"device_os",
                    [NSNumber numberWithInt:(int)[[NSTimeZone localTimeZone] secondsFromGMT]], @"timezone",
                    [NSNumber numberWithInt:0], @"device_type",
@@ -992,6 +1003,9 @@ + (void)registerUserInternal {
                    self.currentSubscriptionState.pushToken, @"identifier", // identifier MUST be at the end as it could be nil.
                    nil];
 
+    if (deviceModel)
+        dataDic[@"device_model"] = deviceModel;
+    
     if (build)
         dataDic[@"game_version"] = build;
 

iOS_SDK/OneSignalSDK/Source/OneSignalRequest.m

@@ -27,6 +27,7 @@
 
 #import "OneSignalRequest.h"
 #import "OneSignalHelper.h"
+#import "OneSignal.h"
 #import "Requests.h"
 
 #define API_VERSION @"api/v1/"
@@ -73,6 +74,12 @@ -(void)attachBodyToRequest:(NSMutableURLRequest *)request withParameters:(NSDict
     if (!self.parameters)
         return;
 
+    //to prevent a crash, print error and return before attempting to serialize to JSON data
+    if (![NSJSONSerialization isValidJSONObject:self.parameters]) {
+        [OneSignal onesignal_Log:ONE_S_LL_WARN message:[NSString stringWithFormat:@"OneSignal Attempted to make a request with an invalid JSON body: %@", self.parameters]];
+        return;
+    }
+    
     NSError *error;
     NSData *jsonData = [NSJSONSerialization dataWithJSONObject:parameters options:NSJSONWritingPrettyPrinted error:&error];