Android SDK integration crashes app during Google Play store releases

Crash we received

Caused by java.lang.NullPointerException: Attempt to invoke interface method 'java.util.Iterator java.util.List.iterator()' on a null object reference
      at zendesk.support.DeepLinkToRequestActionHandler.handle(DeepLinkToRequestActionHandler.java:48)
      at zendesk.support.DeepLinkingBroadcastReceiver.onReceive(DeepLinkingBroadcastReceiver.java:81)
      at android.app.ActivityThread.handleReceiver(ActivityThread.java:3187)
      at android.app.ActivityThread.-wrap17()
      at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1672)
      at android.os.Handler.dispatchMessage(Handler.java:106)
      at android.os.Looper.loop(Looper.java:164)
      at android.app.ActivityThread.main(ActivityThread.java:6494)
      at java.lang.reflect.Method.invoke(Method.java)
      at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:438)
      at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:807)

* What version of the Zendesk for Android SDK are you using?

implementation 'com.zendesk:support:5.2.0'
 

* Please make sure you've [enabled logging for your SDK implementation](https://developer.zendesk.com/embeddables/docs/android-support-sdk/debug). Is your implementation throwing any errors?

We have logging enabled for our testing debug builds and no errors are reported. We are not able to reproduce the crash locally so we don't really know what is logged during the actual error case.

* Please provide the code where you've initialized the SDK.

if (!appConfig.production) {
    Logger.setLoggable(true)
}
Zendesk.INSTANCE.init(context, appConfig.zendeskUrl, appConfig.zendeskAppId, appConfig.zendeskClientId)
Support.INSTANCE.init(Zendesk.INSTANCE)
if (Zendesk.INSTANCE.identity == null) {
    Zendesk.INSTANCE.setIdentity(AnonymousIdentity.Builder().build())
}
Zendesk.INSTANCE.setIdentity(JwtIdentity(user.helpDeskUserToken))
Zendesk.INSTANCE.provider().expect {
    it.userProvider().setUserFields(
        mapOf("android_app_version" to BuildConfigHelper.VERSION_NAME),
        object : ZendeskCallback<Map<String, String>>() {
            override fun onSuccess(data: Map<String, String>?) {
                analytics.logEvent("ZendeskAssociationAppVersionSuccess")
            }

            override fun onError(error: ErrorResponse) {
                val isExpectedError = (error.status in 400..600 && error.isHttpError).not()
                ErrorLog().reportError(
                    "ZendeskAssociationAppVersion",
                    logErrorResponse(error),
                    expected = isExpectedError,
                )
            }
        },
    )
}

* Finally, if there is any more info you can provide (problematic code, sample project, etc), that would be great!
 

My community reply for a similar problem here has a bit more info but... It appears to be related to your SDK not validating inputs well enough for "zendesk.support.DeepLinkingBroadcastReceiver". Your SDK is contributing that receiver through the com.zendesk:support:5.2.0 aar dependency we are bringing in:

<receiver
    android:name="zendesk.support.DeepLinkingBroadcastReceiver"
    android:exported="false">

    <intent-filter>

        <action
            android:name="zendesk.support" />
    </intent-filter>
</receiver>

The Google Play Store automated tooling they use to test, evaluate for malware, and other compliance related items inspects our app and invokes logic against some common components like these broadcast receivers. We don't have control over this process. Each time we push a new release we get a few crashes related to the problem here. The fix from your end is to better inspect the inputs being passed to this broadcast receiver to ensure it conforms to your expected payload structure. If it doesn' then log an error message and ignore it. Currently your payload parsing logic throws an exception back out of the broadcast receiver for the payload Google is passing and thus our app crashes.