Prevent firelog from logging invalid data (#8443)

FirebaseMessaging/Sources/FIRMessagingCode.h

@@ -137,6 +137,9 @@ typedef NS_ENUM(NSInteger, FIRMessagingMessageCode) {
   kFIRMessagingServiceExtensionLocalFileNotCreated = 20002,
   kFIRMessagingServiceExtensionImageNotAttached = 20003,
   kFIRMessagingServiceExtensionTransportBytesError = 20004,
+  kFIRMessagingServiceExtensionInvalidProjectID = 2005,
+  kFIRMessagingServiceExtensionInvalidMessageID = 2006,
+  kFIRMessagingServiceExtensionInvalidInstanceID = 2007,
 
   kFIRMessagingMessageCodeFIRApp002 = 22002,
   kFIRMessagingMessageCodeInternal001 = 22001,

FirebaseMessaging/Sources/FIRMessagingExtensionHelper.m

@@ -211,8 +211,26 @@ pb_bytes_array_t *FIRMessagingEncodeString(NSString *string) {
   fm_MessagingClientEventExtension eventExtension = fm_MessagingClientEventExtension_init_default;
 
   fm_MessagingClientEvent clientEvent = fm_MessagingClientEvent_init_default;
+  if (!info[kFIRMessagingSenderID]) {
+    FIRMessagingLoggerError(kFIRMessagingServiceExtensionInvalidProjectID,
+                            @"Delivery logging failed: Invalid project ID");
+    return;
+  }
   clientEvent.project_number = (int64_t)[info[kFIRMessagingSenderID] longLongValue];
+
+  if (!info[kFIRMessagingMessageIDKey] ||
+      ![info[kFIRMessagingMessageIDKey] isKindOfClass:NSString.class]) {
+    FIRMessagingLoggerWarn(kFIRMessagingServiceExtensionInvalidMessageID,
+                           @"Delivery logging failed: Invalid Message ID");
+    return;
+  }
   clientEvent.message_id = FIRMessagingEncodeString(info[kFIRMessagingMessageIDKey]);
+
+  if (!info[kFIRMessagingFID] || ![info[kFIRMessagingFID] isKindOfClass:NSString.class]) {
+    FIRMessagingLoggerWarn(kFIRMessagingServiceExtensionInvalidInstanceID,
+                           @"Delivery logging failed: Invalid Instance ID");
+    return;
+  }
   clientEvent.instance_id = FIRMessagingEncodeString(info[kFIRMessagingFID]);
 
   if ([info[@"aps"][kFIRMessagingMessageAPNSContentAvailableKey] intValue] == 1 &&
@@ -225,15 +243,25 @@ pb_bytes_array_t *FIRMessagingEncodeString(NSString *string) {
 
   NSString *bundleID = [NSBundle mainBundle].bundleIdentifier;
   if ([GULAppEnvironmentUtil isAppExtension]) {
-    clientEvent.package_name =
-        FIRMessagingEncodeString([[self class] bundleIdentifierByRemovingLastPartFrom:bundleID]);
-  } else {
+    bundleID = [[self class] bundleIdentifierByRemovingLastPartFrom:bundleID];
+  }
+  if (bundleID) {
     clientEvent.package_name = FIRMessagingEncodeString(bundleID);
   }
   clientEvent.event = fm_MessagingClientEvent_Event_MESSAGE_DELIVERED;
-  clientEvent.analytics_label = FIRMessagingEncodeString(info[kFIRMessagingAnalyticsMessageLabel]);
-  clientEvent.campaign_id = (int64_t)[info[kFIRMessagingAnalyticsComposerIdentifier] longLongValue];
-  clientEvent.composer_label = FIRMessagingEncodeString(info[kFIRMessagingAnalyticsComposerLabel]);
+
+  if (info[kFIRMessagingAnalyticsMessageLabel]) {
+    clientEvent.analytics_label =
+        FIRMessagingEncodeString(info[kFIRMessagingAnalyticsMessageLabel]);
+  }
+  if (info[kFIRMessagingAnalyticsComposerIdentifier]) {
+    clientEvent.campaign_id =
+        (int64_t)[info[kFIRMessagingAnalyticsComposerIdentifier] longLongValue];
+  }
+  if (info[kFIRMessagingAnalyticsComposerLabel]) {
+    clientEvent.composer_label =
+        FIRMessagingEncodeString(info[kFIRMessagingAnalyticsComposerLabel]);
+  }
 
   eventExtension.messaging_client_event = &clientEvent;
   FIRMessagingMetricsLog *log =

FirebaseMessaging/Tests/UnitTests/FIRMessagingExtensionHelperTest.m

@@ -156,13 +156,64 @@ static NSString *const kValidImageURL =
   }
 }
 
-- (void)testDeliveryMetricsLogging {
+- (void)testDeliveryMetricsLoggingWithEmptyPayload {
   OCMStub([_mockUtilClass isAppExtension]).andReturn(YES);
   NSDictionary *fakeMessageInfo = @{@"aps" : @{}};
 
   [_mockExtensionHelper exportDeliveryMetricsToBigQueryWithMessageInfo:fakeMessageInfo];
-  OCMVerify([_mockExtensionHelper bundleIdentifierByRemovingLastPartFrom:[OCMArg any]]);
+  OCMReject([_mockExtensionHelper bundleIdentifierByRemovingLastPartFrom:[OCMArg any]]);
 }
+
+- (void)testDeliveryMetricsLoggingWithInvalidMessageID {
+  OCMStub([_mockUtilClass isAppExtension]).andReturn(YES);
+  NSDictionary *fakeMessageInfo = @{
+    @"aps" : @{@"badge" : @9, @"mutable-content" : @1},
+    @"fcm_options" : @{@"image" : @"https://google.com"},
+    @"google.c.fid" : @"fakeFIDForTest",
+    @"google.c.sender.id" : @123456789
+  };
+  [_mockExtensionHelper exportDeliveryMetricsToBigQueryWithMessageInfo:fakeMessageInfo];
+  OCMReject([_mockExtensionHelper bundleIdentifierByRemovingLastPartFrom:[OCMArg any]]);
+}
+
+- (void)testDeliveryMetricsLoggingWithInvalidFID {
+  OCMStub([_mockUtilClass isAppExtension]).andReturn(YES);
+  NSDictionary *fakeMessageInfo = @{
+    @"aps" : @{@"badge" : @9, @"mutable-content" : @1},
+    @"fcm_options" : @{@"image" : @"https://google.com"},
+    @"google.c.sender.id" : @123456789
+  };
+  [_mockExtensionHelper exportDeliveryMetricsToBigQueryWithMessageInfo:fakeMessageInfo];
+  OCMReject([_mockExtensionHelper bundleIdentifierByRemovingLastPartFrom:[OCMArg any]]);
+}
+
+- (void)testDeliveryMetricsLoggingWithDisplayPayload {
+  OCMStub([_mockUtilClass isAppExtension]).andReturn(YES);
+  NSDictionary *fakeMessageInfo = @{
+    @"aps" : @{@"badge" : @9, @"mutable-content" : @1},
+    @"fcm_options" : @{@"image" : @"https://google.com"},
+    @"gcm.message_id" : @"1627428480762269",
+    @"google.c.fid" : @"fakeFIDForTest",
+    @"google.c.sender.id" : @123456789
+  };
+
+  [_mockExtensionHelper exportDeliveryMetricsToBigQueryWithMessageInfo:fakeMessageInfo];
+  OCMExpect([_mockExtensionHelper bundleIdentifierByRemovingLastPartFrom:[OCMArg any]]);
+}
+
+- (void)testDeliveryMetricsLoggingWithDataPayload {
+  OCMStub([_mockUtilClass isAppExtension]).andReturn(NO);
+  NSDictionary *fakeMessageInfo = @{
+    @"aps" : @{@"badge" : @9, @"content-available" : @1},
+    @"fcm_options" : @{@"image" : @"https://google.com"},
+    @"gcm.message_id" : @"1627428480762269",
+    @"google.c.fid" : @"fakeFIDForTest",
+    @"google.c.sender.id" : @123456789
+  };
+  [_mockExtensionHelper exportDeliveryMetricsToBigQueryWithMessageInfo:fakeMessageInfo];
+  OCMReject([_mockExtensionHelper bundleIdentifierByRemovingLastPartFrom:[OCMArg any]]);
+}
+
 @end
 
 #endif  // TARGET_OS_IOS || TARGET_OS_OSX || TARGET_OS_WATCH