Merge pull request #1818 from DataDog/nogorodnikov/rum-2459/safe-serialization-of-user-provided-properties

RUM-2459: Safe serialization of user-provided attributes

Author: 0xnm

dd-sdk-android-core/api/apiSurface

@@ -231,6 +231,7 @@ fun java.util.concurrent.ExecutorService.submitSafe(String, com.datadog.android.
 val NULL_MAP_VALUE: Object
 object com.datadog.android.core.internal.utils.JsonSerializer
   fun toJsonElement(Any?): com.google.gson.JsonElement
+  fun Map<String, Any?>.safeMapValuesToJson(com.datadog.android.api.InternalLogger): Map<String, com.google.gson.JsonElement>
 fun Int.toHexString(): String
 fun Long.toHexString(): String
 fun java.math.BigInteger.toHexString(): String

dd-sdk-android-core/api/dd-sdk-android-core.api

@@ -590,6 +590,7 @@ public final class com/datadog/android/core/internal/utils/ConcurrencyExtKt {
 
 public final class com/datadog/android/core/internal/utils/JsonSerializer {
 	public static final field INSTANCE Lcom/datadog/android/core/internal/utils/JsonSerializer;
+	public final fun safeMapValuesToJson (Ljava/util/Map;Lcom/datadog/android/api/InternalLogger;)Ljava/util/Map;
 	public final fun toJsonElement (Ljava/lang/Object;)Lcom/google/gson/JsonElement;
 }
 

dd-sdk-android-core/src/main/kotlin/com/datadog/android/core/internal/utils/MiscUtils.kt

@@ -16,6 +16,7 @@ import com.google.gson.JsonPrimitive
 import org.json.JSONArray
 import org.json.JSONObject
 import java.util.Date
+import java.util.Locale
 
 internal fun retryWithDelay(
     times: Int,
@@ -65,6 +66,8 @@ object JsonSerializer {
     // polluting user-space, we are going to encapsulate it. Maybe later if we have an internal
     // package it can be converted back to the extension function.
 
+    internal const val ITEM_SERIALIZATION_ERROR = "Error serializing value for key %s, value was dropped."
+
     /**
      * Converts arbitrary object to the [JsonElement] with the best effort. [Any.toString] is
      * used as a fallback.
@@ -93,6 +96,28 @@ object JsonSerializer {
             else -> JsonPrimitive(item.toString())
         }
     }
+
+    /**
+     * This method will convert all values to JSON in a safe way, meaning if serialization fails
+     * for the particular value, the process will continue and faulty value will be dropped.
+     */
+    @InternalApi
+    fun Map<String, Any?>.safeMapValuesToJson(internalLogger: InternalLogger): Map<String, JsonElement> {
+        val result = mutableMapOf<String, JsonElement>()
+        forEach {
+            try {
+                result += it.key to toJsonElement(it.value)
+            } catch (@Suppress("TooGenericExceptionCaught") e: Exception) {
+                internalLogger.log(
+                    InternalLogger.Level.ERROR,
+                    targets = listOf(InternalLogger.Target.USER, InternalLogger.Target.TELEMETRY),
+                    messageBuilder = { ITEM_SERIALIZATION_ERROR.format(Locale.US, it.key) },
+                    throwable = e
+                )
+            }
+        }
+        return result
+    }
 }
 
 internal fun Any?.fromJsonElement(): Any? {

dd-sdk-android-core/src/test/kotlin/com/datadog/android/core/internal/utils/MiscUtilsTest.kt

@@ -7,7 +7,11 @@
 package com.datadog.android.core.internal.utils
 
 import com.datadog.android.api.InternalLogger
+import com.datadog.android.core.internal.utils.JsonSerializer.ITEM_SERIALIZATION_ERROR
+import com.datadog.android.core.internal.utils.JsonSerializer.safeMapValuesToJson
 import com.datadog.android.utils.forge.Configurator
+import com.datadog.android.utils.verifyLog
+import com.datadog.tools.unit.forge.anException
 import com.datadog.tools.unit.forge.exhaustiveAttributes
 import com.google.gson.JsonArray
 import com.google.gson.JsonElement
@@ -33,6 +37,7 @@ import org.mockito.kotlin.verifyNoInteractions
 import org.mockito.kotlin.whenever
 import org.mockito.quality.Strictness
 import java.util.Date
+import java.util.Locale
 import java.util.concurrent.TimeUnit
 import kotlin.system.measureNanoTime
 
@@ -127,6 +132,37 @@ internal class MiscUtilsTest {
         }
     }
 
+    @Test
+    fun `M map values to JSON without throwing W safeMapValuesToJson()`(forge: Forge) {
+        // GIVEN
+        val attributes = forge.exhaustiveAttributes().toMutableMap()
+        val fakeException = forge.anException()
+        val faultyKey = forge.anAlphabeticalString()
+        val faultyItem = object {
+            override fun toString(): String {
+                throw fakeException
+            }
+        }
+        val mockInternalLogger = mock<InternalLogger>()
+
+        // WHEN
+        val mapped = attributes.apply { this += faultyKey to faultyItem }
+            .safeMapValuesToJson(mockInternalLogger)
+
+        // THEN
+        assertThat(mapped).hasSize(attributes.size - 1)
+        assertThat(mapped.values).doesNotContainNull()
+        assertThat(mapped).doesNotContainKey(faultyKey)
+
+        mockInternalLogger
+            .verifyLog(
+                level = InternalLogger.Level.ERROR,
+                targets = listOf(InternalLogger.Target.USER, InternalLogger.Target.TELEMETRY),
+                message = ITEM_SERIALIZATION_ERROR.format(Locale.US, faultyKey),
+                throwable = fakeException
+            )
+    }
+
     // endregion
 
     // region Internal

detekt_custom.yml

@@ -850,6 +850,7 @@ datadog:
       - "kotlin.collections.Map.mapNotNull(kotlin.Function1)"
       - "kotlin.collections.Map.mapValues(kotlin.Function1)"
       - "kotlin.collections.Map.orEmpty()"
+      - "kotlin.collections.Map.safeMapValuesToJson(com.datadog.android.api.InternalLogger)"
       - "kotlin.collections.Map.toJsonObject()"
       - "kotlin.collections.Map.toMap()"
       - "kotlin.collections.Map.toMap()"
@@ -923,6 +924,7 @@ datadog:
       - "kotlin.collections.MutableMap.remove(kotlin.Int)"
       - "kotlin.collections.MutableMap.remove(kotlin.Long)"
       - "kotlin.collections.MutableMap.remove(kotlin.String)"
+      - "kotlin.collections.MutableMap.safeMapValuesToJson(com.datadog.android.api.InternalLogger)"
       - "kotlin.collections.MutableMap?.forEach(kotlin.Function1)"
       - "kotlin.collections.MutableSet.add(com.datadog.android.core.internal.persistence.ConsentAwareStorage.Batch)"
       - "kotlin.collections.MutableSet.add(com.datadog.android.telemetry.internal.TelemetryEventId)"

features/dd-sdk-android-logs/src/main/kotlin/com/datadog/android/log/internal/domain/event/LogEventSerializer.kt

@@ -9,12 +9,13 @@ package com.datadog.android.log.internal.domain.event
 import com.datadog.android.api.InternalLogger
 import com.datadog.android.core.constraints.DataConstraints
 import com.datadog.android.core.constraints.DatadogDataConstraints
+import com.datadog.android.core.internal.utils.JsonSerializer.safeMapValuesToJson
 import com.datadog.android.core.persistence.Serializer
 import com.datadog.android.log.LogAttributes
 import com.datadog.android.log.model.LogEvent
 
 internal class LogEventSerializer(
-    internalLogger: InternalLogger,
+    private val internalLogger: InternalLogger,
     private val dataConstraints: DataConstraints = DatadogDataConstraints(internalLogger)
 ) : Serializer<LogEvent> {
 
@@ -35,11 +36,17 @@ internal class LogEventSerializer(
                 keyPrefix = LogAttributes.USR_ATTRIBUTES_GROUP,
                 attributesGroupName = USER_EXTRA_GROUP_VERBOSE_NAME
             )
-            it.copy(additionalProperties = sanitizedUserAttributes)
+            it.copy(
+                additionalProperties = sanitizedUserAttributes
+                    .safeMapValuesToJson(internalLogger)
+                    .toMutableMap()
+            )
         }
         return log.copy(
             ddtags = sanitizedTags,
-            additionalProperties = sanitizedAttributes.toMutableMap(),
+            additionalProperties = sanitizedAttributes
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap(),
             usr = usr
         )
     }

features/dd-sdk-android-logs/src/test/kotlin/com/datadog/android/log/internal/domain/event/LogEventSerializerTest.kt

@@ -12,6 +12,7 @@ import com.datadog.android.log.model.LogEvent
 import com.datadog.android.utils.forge.Configurator
 import com.datadog.tools.unit.assertj.JsonObjectAssert
 import com.datadog.tools.unit.assertj.JsonObjectAssert.Companion.assertThat
+import com.datadog.tools.unit.forge.anException
 import com.google.gson.JsonParser
 import fr.xgouchet.elmyr.Forge
 import fr.xgouchet.elmyr.annotation.Forgery
@@ -35,7 +36,7 @@ import org.mockito.quality.Strictness
 @ForgeConfiguration(Configurator::class)
 internal class LogEventSerializerTest {
 
-    lateinit var testedSerializer: LogEventSerializer
+    private lateinit var testedSerializer: LogEventSerializer
 
     @Mock
     lateinit var mockInternalLogger: InternalLogger
@@ -118,6 +119,60 @@ internal class LogEventSerializerTest {
             }
     }
 
+    @Test
+    fun `M not throw W serialize() { usr#additionalProperties serialization throws }`(
+        @Forgery fakeLog: LogEvent,
+        forge: Forge
+    ) {
+        // Given
+        val faultyKey = forge.anAlphabeticalString()
+        val faultyObject = object {
+            override fun toString(): String {
+                throw forge.anException()
+            }
+        }
+        val faultyLogEvent = fakeLog.copy(
+            usr = fakeLog.usr?.copy(
+                additionalProperties = fakeLog.usr?.additionalProperties
+                    ?.toMutableMap()
+                    ?.apply { put(faultyKey, faultyObject) }
+                    .orEmpty()
+                    .toMutableMap()
+            )
+        )
+
+        // When
+        val serialized = testedSerializer.serialize(faultyLogEvent)
+
+        // Then
+        assertSerializedLogMatchesInputLog(serialized, fakeLog)
+    }
+
+    @Test
+    fun `M not throw W serialize() { additionalProperties serialization throws }`(
+        @Forgery fakeLog: LogEvent,
+        forge: Forge
+    ) {
+        // Given
+        val faultyKey = forge.anAlphabeticalString()
+        val faultyObject = object {
+            override fun toString(): String {
+                throw forge.anException()
+            }
+        }
+        val faultyLogEvent = fakeLog.copy(
+            additionalProperties = fakeLog.additionalProperties
+                .toMutableMap()
+                .apply { put(faultyKey, faultyObject) }
+        )
+
+        // When
+        val serialized = testedSerializer.serialize(faultyLogEvent)
+
+        // Then
+        assertSerializedLogMatchesInputLog(serialized, fakeLog)
+    }
+
     // region Internal
 
     private fun assertSerializedLogMatchesInputLog(

features/dd-sdk-android-rum/src/main/kotlin/com/datadog/android/rum/internal/domain/event/RumEventSerializer.kt

@@ -9,6 +9,7 @@ package com.datadog.android.rum.internal.domain.event
 import com.datadog.android.api.InternalLogger
 import com.datadog.android.core.constraints.DataConstraints
 import com.datadog.android.core.constraints.DatadogDataConstraints
+import com.datadog.android.core.internal.utils.JsonSerializer.safeMapValuesToJson
 import com.datadog.android.core.persistence.Serializer
 import com.datadog.android.rum.RumAttributes
 import com.datadog.android.rum.model.ActionEvent
@@ -22,7 +23,7 @@ import com.datadog.android.telemetry.model.TelemetryErrorEvent
 import com.google.gson.JsonObject
 
 internal class RumEventSerializer(
-    internalLogger: InternalLogger,
+    private val internalLogger: InternalLogger,
     private val dataConstraints: DataConstraints = DatadogDataConstraints(internalLogger)
 ) : Serializer<Any> {
 
@@ -70,9 +71,13 @@ internal class RumEventSerializer(
     private fun serializeViewEvent(model: ViewEvent): String {
         val sanitizedUser = model.usr?.copy(
             additionalProperties = validateUserAttributes(model.usr.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedContext = model.context?.copy(
             additionalProperties = validateContextAttributes(model.context.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedView = model.view.copy(
             customTimings = model.view.customTimings?.copy(
@@ -93,9 +98,13 @@ internal class RumEventSerializer(
     private fun serializeErrorEvent(model: ErrorEvent): String {
         val sanitizedUser = model.usr?.copy(
             additionalProperties = validateUserAttributes(model.usr.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedContext = model.context?.copy(
             additionalProperties = validateContextAttributes(model.context.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedModel = model.copy(
             usr = sanitizedUser,
@@ -107,9 +116,13 @@ internal class RumEventSerializer(
     private fun serializeResourceEvent(model: ResourceEvent): String {
         val sanitizedUser = model.usr?.copy(
             additionalProperties = validateUserAttributes(model.usr.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedContext = model.context?.copy(
             additionalProperties = validateContextAttributes(model.context.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedModel = model.copy(
             usr = sanitizedUser,
@@ -121,9 +134,13 @@ internal class RumEventSerializer(
     private fun serializeActionEvent(model: ActionEvent): String {
         val sanitizedUser = model.usr?.copy(
             additionalProperties = validateUserAttributes(model.usr.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedContext = model.context?.copy(
             additionalProperties = validateContextAttributes(model.context.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedModel = model.copy(
             usr = sanitizedUser,
@@ -135,9 +152,13 @@ internal class RumEventSerializer(
     private fun serializeLongTaskEvent(model: LongTaskEvent): String {
         val sanitizedUser = model.usr?.copy(
             additionalProperties = validateUserAttributes(model.usr.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedContext = model.context?.copy(
             additionalProperties = validateContextAttributes(model.context.additionalProperties)
+                .safeMapValuesToJson(internalLogger)
+                .toMutableMap()
         )
         val sanitizedModel = model.copy(
             usr = sanitizedUser,