diff --git a/android/app/src/main/java/com/microsoft/codepush/react/CodePushUpdateUtils.java b/android/app/src/main/java/com/microsoft/codepush/react/CodePushUpdateUtils.java index 700efac68..0a6d4d861 100644 --- a/android/app/src/main/java/com/microsoft/codepush/react/CodePushUpdateUtils.java +++ b/android/app/src/main/java/com/microsoft/codepush/react/CodePushUpdateUtils.java @@ -9,7 +9,6 @@ import java.security.interfaces.*; - import org.json.JSONArray; import org.json.JSONException; import org.json.JSONObject; @@ -86,8 +85,12 @@ private static String computeHash(InputStream dataStream) { throw new CodePushUnknownException("Unable to compute hash of update contents.", e); } finally { try { - if (digestInputStream != null) digestInputStream.close(); - if (dataStream != null) dataStream.close(); + if (digestInputStream != null) { + digestInputStream.close(); + } + if (dataStream != null) { + dataStream.close(); + } } catch (IOException e) { e.printStackTrace(); } @@ -98,7 +101,11 @@ private static String computeHash(InputStream dataStream) { } public static void copyNecessaryFilesFromCurrentPackage(String diffManifestFilePath, String currentPackageFolderPath, String newPackageFolderPath) throws IOException { - FileUtils.copyDirectoryContents(currentPackageFolderPath, newPackageFolderPath); + if (currentPackageFolderPath == null || !new File(currentPackageFolderPath).exists()) { + CodePushUtils.log("Unable to copy files from current package during diff update, because currentPackageFolderPath is invalid."); + return; + } + FileUtils.copyDirectoryContents(currentPackageFolderPath, newPackageFolderPath); JSONObject diffManifest = CodePushUtils.getJsonObjectFromFile(diffManifestFilePath); try { JSONArray deletedFiles = diffManifest.getJSONArray("deletedFiles"); @@ -184,7 +191,7 @@ public static void verifyFolderHash(String folderPath, String expectedHash) { public static Map verifyAndDecodeJWT(String jwt, PublicKey publicKey) { try { SignedJWT signedJWT = SignedJWT.parse(jwt); - JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey)publicKey); + JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) publicKey); if (signedJWT.verify(verifier)) { Map claims = signedJWT.getJWTClaimsSet().getClaims(); CodePushUtils.log("JWT verification succeeded, payload content: " + claims.toString()); @@ -217,7 +224,7 @@ public static PublicKey parsePublicKey(String stringPublicKey) { } } - public static String getSignatureFilePath(String updateFolderPath){ + public static String getSignatureFilePath(String updateFolderPath) { return CodePushUtils.appendPathComponent( CodePushUtils.appendPathComponent(updateFolderPath, CodePushConstants.CODE_PUSH_FOLDER_PREFIX), CodePushConstants.BUNDLE_JWT_FILE @@ -254,7 +261,7 @@ public static void verifyUpdateSignature(String folderPath, String packageHash, throw new CodePushInvalidUpdateException("The update could not be verified because it was not signed by a trusted party."); } - final String contentHash = (String)claims.get("contentHash"); + final String contentHash = (String) claims.get("contentHash"); if (contentHash == null) { throw new CodePushInvalidUpdateException("The update could not be verified because the signature did not specify a content hash."); } @@ -265,4 +272,4 @@ public static void verifyUpdateSignature(String folderPath, String packageHash, CodePushUtils.log("The update contents succeeded the code signing check."); } -} \ No newline at end of file +}