Skip to content

fix: Fix JSON encoding of infinite numeric values in crash reports#7802

Merged
denrase merged 10 commits intomainfrom
fix/harden-float-json-encoding
Apr 27, 2026
Merged

fix: Fix JSON encoding of infinite numeric values in crash reports#7802
denrase merged 10 commits intomainfrom
fix/harden-float-json-encoding

Conversation

@denrase
Copy link
Copy Markdown
Collaborator

@denrase denrase commented Apr 14, 2026
edited
Loading

📜 Description

Ports numeric encoding guards from upstream KSCrash (kstenerud/KSCrash#526 (kstenerud/KSCrash#526)):

  • Encode ±infinity as 1e999/-1e999 instead of the invalid JSON literal inf
  • Validate snprintf return before emitting data (format before beginElement so errors can't corrupt the JSON stream)

💡 Motivation and Context

Relates to #4580

💚 How did you test it?

Unit tests.

📝 Checklist

You have to check all boxes before merging:

  • I added tests to verify the changes.
  • No new PII added or SDK only sends newly added PII if sendDefaultPII is enabled.
  • I updated the docs if needed.
  • I updated the wizard if needed.
  • Review from the native team if needed.
  • No breaking change or entry added to the changelog.
  • No breaking change for hybrid SDKs or communicated to hybrid SDKs.

@denrase
fix: Harden float JSON encoding and validate battery level
31ded34 
Ports numeric encoding guards from upstream KSCrash (kstenerud/KSCrash#526 (kstenerud/KSCrash#526)):
 - Encode ±infinity as 1e999/-1e999 instead of the invalid JSON literal inf
 - Validate snprintf return before emitting data (format before beginElement so errors can't corrupt the JSON stream)

Also validates battery level in SentrySystemEventBreadcrumbs — rejects non-finite and out of-range values before they reach the crash-scope JSON encoder.

Relates to #4580
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 14, 2026
edited
Loading

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

Bug Fixes 🐛

  • (replay) Keep replayType as buffer for Session Replay triggered by an error by romtsn in #7804
  • Harden SentryCrash JSON floating-point encoding by denrase in #7802
  • Copy mutable collections before passing to scope observers by antonis in #7807
  • Detect development builds via provisioning profile entitlement by denrase in #7702

Internal Changes 🔧

Deps

  • Bump actions/upload-pages-artifact from 4.0.0 to 5.0.0 by dependabot in #7789
  • Bump actions/github-script from 8.0.0 to 9.0.0 by dependabot in #7793

🤖 This preview updates automatically when you update the PR.

@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 14, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 76.00000% with 6 lines in your changes missing coverage. Please review.
✅ Project coverage is 85.470%. Comparing base (c9cbc23) to head (2d87228).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
...SentryCrash/Recording/Tools/SentryCrashJSONCodec.c 76.000% 6 Missing ⚠️
Additional details and impacted files

Impacted file tree graph

@@              Coverage Diff              @@
##              main     #7802       +/-   ##
=============================================
+ Coverage   85.452%   85.470%   +0.018%     
=============================================
  Files          487       487               
  Lines        29311     29327       +16     
  Branches     12671     12680        +9     
=============================================
+ Hits         25047     25066       +19     
+ Misses        4213      4211        -2     
+ Partials        51        50        -1
Files with missing lines Coverage Δ
...SentryCrash/Recording/Tools/SentryCrashJSONCodec.c 88.734% <76.000%> (-0.665%) ⬇️

... and 5 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c9cbc23...2d87228. Read the comment docs.

@denrase denrase marked this pull request as ready for review April 14, 2026 15:44
itaybre
itaybre reviewed Apr 15, 2026
View reviewed changes
Comment thread Sources/Swift/Integrations/Breadcrumbs/SentrySystemEventBreadcrumbs.swift Outdated
Comment thread Sources/SentryCrash/Recording/Tools/SentryCrashJSONCodec.c
@denrase denrase requested a review from itaybre April 17, 2026 08:38
@denrase denrase changed the title fix: Harden float JSON encoding and validate battery level fix: harden SentryCrash JSON floating-point encoding Apr 17, 2026
@denrase denrase changed the title fix: harden SentryCrash JSON floating-point encoding fix: Harden SentryCrash JSON floating-point encoding Apr 17, 2026
philprime
philprime reviewed Apr 20, 2026
View reviewed changes
Comment thread CHANGELOG.md Outdated
@denrase denrase changed the title fix: Harden SentryCrash JSON floating-point encoding fix: Fix JSON encoding of infinite numeric values in crash reports Apr 27, 2026
@denrase denrase requested a review from philprime April 27, 2026 07:45
philprime
philprime approved these changes Apr 27, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@philprime philprime left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with comments

Comment thread Sources/SentryCrash/Recording/Tools/SentryCrashJSONCodec.c Outdated
Comment thread Sources/SentryCrash/Recording/Tools/SentryCrashJSONCodec.c Outdated
@denrase denrase added ready-to-merge Use this label to trigger all PR workflows labels Apr 27, 2026
@sentry
Copy link
Copy Markdown

sentry Bot commented Apr 27, 2026
edited
Loading

📲 Install Builds

iOS

🔗 App Name App ID Version Configuration
SDK-Size io.sentry.sample.SDK-Size 9.11.0 (1) Release

⚙️ sentry-cocoa Build Distribution Settings

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 27, 2026
edited
Loading

Performance metrics 🚀

  Plain With Sentry Diff
Startup time 1237.92 ms 1274.51 ms 36.59 ms
Size 24.14 KiB 1.14 MiB 1.11 MiB

Baseline results on branch: main

Startup times

Revision Plain With Sentry Diff
bab8d5e 1225.12 ms 1258.35 ms 33.23 ms
e8cc4e7 1204.21 ms 1239.22 ms 35.01 ms
164f67b 1218.07 ms 1245.28 ms 27.21 ms
60ea6f8 1209.42 ms 1246.62 ms 37.21 ms
3a42337 1221.24 ms 1249.06 ms 27.82 ms
18c94be 1218.26 ms 1258.80 ms 40.54 ms
b206854 1228.68 ms 1250.76 ms 22.08 ms
21cd5ba 1218.68 ms 1255.54 ms 36.86 ms
2aca3cc 1229.83 ms 1263.59 ms 33.76 ms
4b41eee 1209.96 ms 1243.12 ms 33.16 ms

App size

Revision Plain With Sentry Diff
bab8d5e 24.14 KiB 1.13 MiB 1.11 MiB
e8cc4e7 24.14 KiB 1.11 MiB 1.09 MiB
164f67b 24.14 KiB 1.12 MiB 1.09 MiB
60ea6f8 24.14 KiB 1.12 MiB 1.10 MiB
3a42337 24.14 KiB 1.11 MiB 1.09 MiB
18c94be 24.14 KiB 1.10 MiB 1.08 MiB
b206854 24.14 KiB 1.07 MiB 1.04 MiB
21cd5ba 24.14 KiB 1.04 MiB 1.02 MiB
2aca3cc 24.14 KiB 1.11 MiB 1.09 MiB
4b41eee 24.14 KiB 1.09 MiB 1.07 MiB

Previous results on branch: fix/harden-float-json-encoding

Startup times

Revision Plain With Sentry Diff
a66b969 1229.78 ms 1264.04 ms 34.27 ms

App size

Revision Plain With Sentry Diff
a66b969 24.14 KiB 1.14 MiB 1.11 MiB

@denrase denrase enabled auto-merge (squash) April 27, 2026 13:14
@denrase denrase merged commit 434f72a into main Apr 27, 2026
206 of 207 checks passed
@denrase denrase deleted the fix/harden-float-json-encoding branch April 27, 2026 13:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@philprime philprime philprime approved these changes

@philipphofmann philipphofmann Awaiting requested review from philipphofmann philipphofmann is a code owner

@noahsmartin noahsmartin Awaiting requested review from noahsmartin noahsmartin is a code owner

@itaybre itaybre Awaiting requested review from itaybre itaybre is a code owner

Assignees

No one assigned

Labels

ready-to-merge Use this label to trigger all PR workflows

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@denrase @itaybre @philprime