From b4a758281158ce7ad6241c8d708b22600085b41b Mon Sep 17 00:00:00 2001
From: Maxime Biais <maxime.biais@gmail.com>
Date: Mon, 28 Sep 2015 15:08:05 +0200
Subject: [PATCH 1/3] check null source in JSONUtils.queryJSON()

---
 .../java/org/wordpress/android/util/JSONUtils.java    | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/libs/utils/WordPressUtils/src/main/java/org/wordpress/android/util/JSONUtils.java b/libs/utils/WordPressUtils/src/main/java/org/wordpress/android/util/JSONUtils.java
index 4c92478cb4d7..6df9e0b0aa9d 100644
--- a/libs/utils/WordPressUtils/src/main/java/org/wordpress/android/util/JSONUtils.java
+++ b/libs/utils/WordPressUtils/src/main/java/org/wordpress/android/util/JSONUtils.java
@@ -8,7 +8,6 @@
 import org.wordpress.android.util.AppLog.T;
 
 import java.util.ArrayList;
-import java.util.Iterator;
 
 public class JSONUtils {
     private static String QUERY_SEPERATOR=".";
@@ -25,6 +24,10 @@ public class JSONUtils {
      * traverse the object graph and pull out the desired property
      */
     public static <U> U queryJSON(JSONObject source, String query, U defaultObject) {
+        if (source == null) {
+            AppLog.e(T.UTILS, "Parameter source is null, can't query a null object");
+            return defaultObject;
+        }
         int nextSeperator = query.indexOf(QUERY_SEPERATOR);
         int nextIndexStart = query.indexOf(QUERY_ARRAY_INDEX_START);
         if (nextSeperator == -1 && nextIndexStart == -1) {
@@ -89,7 +92,11 @@ public static <U> U queryJSON(JSONObject source, String query, U defaultObject)
      * Acceptable indexes include negative numbers to reference items from the end of
      * the list as well as "last" and "first" as more explicit references to "0" and "-1"
      */
-    public static <U> U queryJSON(JSONArray source, String query, U defaultObject){
+    public static <U> U queryJSON(JSONArray source, String query, U defaultObject) {
+        if (source == null) {
+            AppLog.e(T.UTILS, "Parameter source is null, can't query a null object");
+            return defaultObject;
+        }
         // query must start with [ have an index and then have ]
         int indexStart = query.indexOf(QUERY_ARRAY_INDEX_START);
         int indexEnd = query.indexOf(QUERY_ARRAY_INDEX_END);

From 172378e206711a917db0d97439821d383829e4e8 Mon Sep 17 00:00:00 2001
From: Maxime Biais <maxime.biais@gmail.com>
Date: Tue, 29 Sep 2015 09:01:33 +0200
Subject: [PATCH 2/3] Check null query string

---
 .../org/wordpress/android/util/JSONUtils.java | 23 +++++++++++--------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/libs/utils/WordPressUtils/src/main/java/org/wordpress/android/util/JSONUtils.java b/libs/utils/WordPressUtils/src/main/java/org/wordpress/android/util/JSONUtils.java
index 6df9e0b0aa9d..8738acd24384 100644
--- a/libs/utils/WordPressUtils/src/main/java/org/wordpress/android/util/JSONUtils.java
+++ b/libs/utils/WordPressUtils/src/main/java/org/wordpress/android/util/JSONUtils.java
@@ -10,15 +10,15 @@
 import java.util.ArrayList;
 
 public class JSONUtils {
-    private static String QUERY_SEPERATOR=".";
-    private static String QUERY_ARRAY_INDEX_START="[";
-    private static String QUERY_ARRAY_INDEX_END="]";
-    private static String QUERY_ARRAY_FIRST="first";
-    private static String QUERY_ARRAY_LAST="last";
+    private static String QUERY_SEPERATOR = ".";
+    private static String QUERY_ARRAY_INDEX_START = "[";
+    private static String QUERY_ARRAY_INDEX_END = "]";
+    private static String QUERY_ARRAY_FIRST = "first";
+    private static String QUERY_ARRAY_LAST = "last";
 
     private static final String JSON_NULL_STR = "null";
+    private static final String TAG = "JSONUtils";
 
-    private static final String TAG="JSONUtils";
     /**
      * Given a JSONObject and a key path (e.g property.child) and a default it will
      * traverse the object graph and pull out the desired property
@@ -28,6 +28,10 @@ public static <U> U queryJSON(JSONObject source, String query, U defaultObject)
             AppLog.e(T.UTILS, "Parameter source is null, can't query a null object");
             return defaultObject;
         }
+        if (query == null) {
+            AppLog.e(T.UTILS, "Parameter query is null");
+            return defaultObject;
+        }
         int nextSeperator = query.indexOf(QUERY_SEPERATOR);
         int nextIndexStart = query.indexOf(QUERY_ARRAY_INDEX_START);
         if (nextSeperator == -1 && nextIndexStart == -1) {
@@ -59,9 +63,6 @@ public static <U> U queryJSON(JSONObject source, String query, U defaultObject)
         String nextQuery = query.substring(endQuery);
         String key = query.substring(0, endQuery);
         try {
-            if (source == null) {
-                return defaultObject;
-            }
             if (nextQuery.indexOf(QUERY_SEPERATOR) == 0) {
                 return queryJSON(source.getJSONObject(key), nextQuery.substring(1), defaultObject);
             } else if (nextQuery.indexOf(QUERY_ARRAY_INDEX_START) == 0) {
@@ -97,6 +98,10 @@ public static <U> U queryJSON(JSONArray source, String query, U defaultObject) {
             AppLog.e(T.UTILS, "Parameter source is null, can't query a null object");
             return defaultObject;
         }
+        if (query == null) {
+            AppLog.e(T.UTILS, "Parameter query is null");
+            return defaultObject;
+        }
         // query must start with [ have an index and then have ]
         int indexStart = query.indexOf(QUERY_ARRAY_INDEX_START);
         int indexEnd = query.indexOf(QUERY_ARRAY_INDEX_END);

From 63a24f8a1e0b10973d9e6cee8af387b2b7aca361 Mon Sep 17 00:00:00 2001
From: Maxime Biais <maxime.biais@gmail.com>
Date: Tue, 29 Sep 2015 09:02:11 +0200
Subject: [PATCH 3/3] test queryJSON calls with null params

---
 .../wordpress/android/util/JSONUtilsTest.java | 32 +++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 libs/utils/WordPressUtils/src/androidTest/java/org/wordpress/android/util/JSONUtilsTest.java

diff --git a/libs/utils/WordPressUtils/src/androidTest/java/org/wordpress/android/util/JSONUtilsTest.java b/libs/utils/WordPressUtils/src/androidTest/java/org/wordpress/android/util/JSONUtilsTest.java
new file mode 100644
index 000000000000..f7c747ff7024
--- /dev/null
+++ b/libs/utils/WordPressUtils/src/androidTest/java/org/wordpress/android/util/JSONUtilsTest.java
@@ -0,0 +1,32 @@
+package org.wordpress.android.util;
+
+import android.test.InstrumentationTestCase;
+
+import org.json.JSONArray;
+import org.json.JSONObject;
+
+public class JSONUtilsTest extends InstrumentationTestCase {
+    public void testQueryJSONNullSource1() {
+        JSONUtils.queryJSON((JSONObject) null, "", "");
+    }
+
+    public void testQueryJSONNullSource2() {
+        JSONUtils.queryJSON((JSONArray) null, "", "");
+    }
+
+    public void testQueryJSONNullQuery1() {
+        JSONUtils.queryJSON(new JSONObject(), null, "");
+    }
+
+    public void testQueryJSONNullQuery2() {
+        JSONUtils.queryJSON(new JSONArray(), null, "");
+    }
+
+    public void testQueryJSONNullReturnValue1() {
+        JSONUtils.queryJSON(new JSONObject(), "", null);
+    }
+
+    public void testQueryJSONNullReturnValue2() {
+        JSONUtils.queryJSON(new JSONArray(), "", null);
+    }
+}