From c5918f788650d401ce859092a60fceaf38e3efb3 Mon Sep 17 00:00:00 2001
From: LoveSy <shana@zju.edu.cn>
Date: Fri, 25 Nov 2022 09:24:35 +0800
Subject: [PATCH] Check backup nullptr (#2237)

---
 .../main/java/de/robv/android/xposed/XposedBridge.java    | 5 ++++-
 core/src/main/jni/src/jni/hook_bridge.cpp                 | 8 ++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/core/src/main/java/de/robv/android/xposed/XposedBridge.java b/core/src/main/java/de/robv/android/xposed/XposedBridge.java
index eec4a227..02a8f0aa 100644
--- a/core/src/main/java/de/robv/android/xposed/XposedBridge.java
+++ b/core/src/main/java/de/robv/android/xposed/XposedBridge.java
@@ -219,7 +219,10 @@ public final class XposedBridge {
             throw new IllegalArgumentException("callback should not be null!");
         }
 
-        HookBridge.hookMethod((Executable) hookMethod, AdditionalHookInfo.class, callback.priority, callback);
+        if (!HookBridge.hookMethod((Executable) hookMethod, AdditionalHookInfo.class, callback.priority, callback)) {
+            log("Failed to hook " + hookMethod);
+            return null;
+        }
 
         return callback.new Unhook(hookMethod);
     }
diff --git a/core/src/main/jni/src/jni/hook_bridge.cpp b/core/src/main/jni/src/jni/hook_bridge.cpp
index 6a5fa69f..ec1cabd5 100644
--- a/core/src/main/jni/src/jni/hook_bridge.cpp
+++ b/core/src/main/jni/src/jni/hook_bridge.cpp
@@ -101,7 +101,9 @@ LSP_DEF_NATIVE_METHOD(jboolean, HookBridge, unhookMethod, jobject hookMethod, jo
         }
     }
     if (!hook_item) return JNI_FALSE;
-    JNIMonitor monitor(env, hook_item->backup);
+    auto backup = hook_item->backup;
+    if (!backup) return JNI_FALSE;
+    JNIMonitor monitor(env, backup);
     for (auto i = hook_item->callbacks.begin(); i != hook_item->callbacks.end(); ++i) {
         if (env->IsSameObject(i->second, callback)) {
             hook_item->callbacks.erase(i);
@@ -151,7 +153,9 @@ LSP_DEF_NATIVE_METHOD(jobjectArray, HookBridge, callbackSnapshot, jobject method
         }
     }
     if (!hook_item) return nullptr;
-    JNIMonitor monitor(env, hook_item->backup);
+    auto backup = hook_item->backup;
+    if (!backup) return nullptr;
+    JNIMonitor monitor(env, backup);
     auto res = env->NewObjectArray((jsize) hook_item->callbacks.size(), env->FindClass("java/lang/Object"), nullptr);
     for (jsize i = 0; auto callback: hook_item->callbacks) {
         env->SetObjectArrayElement(res, i++, env->NewLocalRef(callback.second));