Critical Bug: Receiving Waypoints Crash UI [Remote DoS] #19
Comments
mblauser
changed the title
mblauser
changed the title
|
Interesting, thanks for the report! Coincidentally, I have recently added support in 1.0.15-beta.2 for persisting the last runtime log to disk in the application's data directory. The data directory differs per platform: Linux:
|
|
found the log file. Is there a way to enable more verbose debugging? A single line in the log file occurs when the app UI freeze occurs: It seems that only the UI interfaces freeze (both Electron and web UI). The map and node list {often, but not always} disappear in the web UI interface. No new transmissions visually occur in the list. Neither interface able to:
The app process continues to function in the background, receiving and parsing mesh transmissions as evident by continuing transmission entries in the lastLog.txt. It's even able to send out new traceroute requests. |
mblauser
changed the title
|
This sounds like a front-end Javascript error. You can view the front-end console using |
|
Ctrl+Shift+I doesn't seem to work for me within the Electron window on MacOS, but I did capture the errors on the developer console tab within my web browser. The same issue occurs both from receiving WAYPOINT_APP and RANGE_TEST_APP transmissions, and likely other types not yet tested. Here are the respective logs seen within the browser for each: |
|
Looks like for Electron, Developer Console is accessible from the View menu:
Relevant error from the log is: Although it is not clear what property is being read. This is odd as unexpected packet types have not historically crashed the front-end and merely displayed "undefined". I wonder if I broke something 😅 |
|
ahh, Option+Cmd+I Same console error within Electron Developer Console index-DAde3bY6.js:10 highlighted= function Qt(n) {
if (n == $o)
return "all";
let e = Fa.value.find(t => t.num == n);
return e ? qn(e) : `!${n.toString(16)}`
}at Dh (index-DAde3bY6.js:795:13196) highlighted= let e, t, i = (n[31].rxTime ? new Date(n[31].rxTime * 1e3).toLocaleString(void 0, {
day: "numeric",
month: "numeric",
hour: "numeric",
minute: "numeric"
}) : "") + "", s, r, o, a, l, c, h, u, f = Qt(n[31].from) + "", d, g, m, p, y = n[31].channel + "", w, _, E, x = (n[31].hopStart == n[31].hopLimit && n[31].rxSnr || "") + "", I, S, R, T = (n[31].hopStart == n[31].hopLimit && n[31].rxRssi || "") + "", W, G, z, X = (n[31].encrypted ? "encrypted" : (Be = n[31].decoded) == null ? void 0 : Be.portnum) + "", J, Y, L, F, B, N, j, V, $, H = n[31].to != 4294967295 && Fh(n), D = n[31].hopStart && Nh(n);last entry in the chain try {
for (; wi < Si.length; ) {
const e = Si[wi];
wi++,
ys(e),
bd(e.$$)
}
} catch (e) {
throw Si.length = 0,
wi = 0,
e
} |
|
This code in the error appears to be a minified version of line 82 of <div class="w-28">{packet.rxTime ? new Date(packet.rxTime * 1000).toLocaleString(undefined, { day: 'numeric', month: 'numeric', hour: 'numeric', minute: 'numeric' }) : ''}</div> |
|
I have enabled the generation of sourcemaps in vite for future production builds to more easily find the offending line of code. |
|
I believe this is fixed!! Thank you again @mblauser for the stack traces, they were very helpful. Issue was I have published |
|
I've remotely upgraded to beta.3 |
|
Seems fixed. Tested waypoints and UI no longer crashes. Only see a minor UI log representation issue when these are received. The UI displays unknown and undefined. We should probably either 1) just not display them, or 2) make the UI entries more meaningful. WAYPOINT_APP response detail: {
"from": 1129781044,
"to": 4294967295,
"channel": 0,
"decoded": {
"portnum": "WAYPOINT_APP",
"payload": "COOj87sJFU21chUdHB[xxxxxx]MgR0ZXN0RdzzAQA=",
"wantResponse": false,
"dest": 0,
"source": 0,
"requestId": 0,
"replyId": 0,
"emoji": 0
},
"id": 2541539814,
"rxTime": 1728748555,
"rxSnr": 2.25,
"hopLimit": 4,
"wantAck": false,
"priority": "UNSET",
"rxRssi": -103,
"delayed": "NO_DELAY",
"viaMqtt": false,
"hopStart": 5,
"publicKey": "",
"pkiEncrypted": false
}unknown/undefined/undefined response detail: {
"event": "onWaypointPacket",
"json": {
"id": 2541539814,
"rxTime": "2024-10-12T15:55:55.000Z",
"type": "broadcast",
"from": 1129781044,
"to": 4294967295,
"channel": 0,
"data": {
"id": 2541539811,
"latitudeI": 359[xxxxxx],
"longitudeI": -1152[xxxxxx],
"expire": 1,
"lockedTo": 0,
"name": "test",
"description": "",
"icon": 127964
}
}
}[xxxxxx masked] Thought: Instead of only looking for packet.to, might it make sense to look for either packet.to or packet.json.to ? But either way, still include proper handling of an empty or nonexistant value. |
|
Thank you very much for the packet detail. When we encounter a new packet type that's not parsed, that's when it comes across as unknown/undefined. Perhaps I can still connect it with the initial WAYPOINT_APP line in the log for improved UX. Essentially the WAYPOINT_APP is the raw packet, and the undefined line is the decoded detail. I have not encountered waypoint traffic here, but apparently it is a feature in the mobile apps to place points of interest on the map. To display these in MeshSense, we would probably want to find a sensible place to store this information (is it associated with a node or keep a separate list of waypoints?) I'll try to replicate locally and see what makes sense. |
Waypoints sent by remote nodes cause MeshSense 1.0.15-beta.2 on MacOS 14.3.1 to become irrecoverably unresponsive and require restarting the app, both in the:
It is difficult to provide a capture of the received waypoint transmission, since the UI becomes unresponsive. I am not able to find a log file within the application directory on the filesystem. The only entries I can find the in the UI System Log are after restarting the app:
1:33:26:268 TRACE [iMeshDevice:HttpConnection] HandleFromRadio 🚧 Received Queue Status: [object Object]This is easily reproducible and observed from 'waypoint sending' nodes running firmware 2.4.2.5b45303 and 2.5.0. Local connected 'receiving' node running fw v2.3.12.24458a7.
WebUI:
The text was updated successfully, but these errors were encountered: