Possible security bug on Zoom Video SDK and React Native

DanPiccolo · December 18, 2023, 7:24pm

Before Creating a New Topic:

If you’re experiencing unexpected Video SDK behavior please search the forum with relevant keywords (e.x. error message) and follow the guidance outlined in those posts. Please also leverage the following support links:

Zoom Developer Changelog for Dev Product Changes: https://marketplace.zoom.us/docs/guides/stay-up-to-date/changelog/
General Troubleshooting: https://devsupport.zoom.us/hc/en-us
To Submit a Ticket for Unexpected Video SDK Behavior: Home - Zoom Support
For General & Integrations Related Guidance: https://community.zoom.com/

Description
I’m integrating the Zoom Video SDK with a react native mobile app. However, my mobile app is crashing occasionally. BUT the camera on an Android device, still seems to send video to the zoom session (using the web ui version of the Video SDK)

Errors
There is no clear stack trace except for this error that appears on the mobile app at the time of it crashing

Which React Native Video SDK version?
Version 1.9.5

Video SDK Code Snippets
No valid code snippet to show

Smartphone (please complete the following information):

Device: Samsung Galaxy S7
OS: Android 8

rehema.zoom · December 20, 2023, 12:27am

Hi @DanPiccolo ,

Thank you for sharing this. I will have the team look into this further and reach back out when I have an update.

Thank you,
Rehema

rehema.zoom · December 20, 2023, 3:46pm

Hi @DanPiccolo ,

To make sure we can best investigate this issue, are you able to reproduce this on the react native sample app? If so, can you provide the steps to reproduce?

Thanks,
Rehema

DanPiccolo · December 20, 2023, 4:02pm

Sorry, no, this was with our own app, not the sample app.

I was using something a 3rd party wrote for our project, (which I was trying to tweak as they had diverged a bit from the sample app) and it was an issue with null/undefined values for sharing status in the React Native zoom component, it seems, and it would join the session, start transmitting, but then close the app, and the video would still stream to the web client I was using to complete create the session in the first place.

This is the error the app gave me (see below) and my thought is, a person could willingly cause this error in order to exploit this issue.

rehema.zoom · December 20, 2023, 8:50pm

Hi @DanPiccolo ,

Thanks for your response. Could you attempt to test on the sample application and see if the issue still occurs? In this instance, it would require to manually crash/end the application to test and see if video is still being sent. Please let me know if you are able to reproduce on the sample app or need any guidance in testing.

Thanks,
Rehema

system · January 17, 2024, 7:25pm

This topic was automatically closed after 30 days. New replies are no longer allowed.

Topic		Replies	Views
zoom.joinSession returning null React Native	1	336	August 30, 2023
Video sdk not working in React Native after rebuilding the app after few months React Native video-sdk	1	85	April 26, 2024
Crashs on IOS after user leave session React Native video-sdk	5	634	May 16, 2023
Zoom VideoSDK Error_Invalid_Parameter React Native	2	622	June 8, 2022
(Video SDK React Native) Cannot join session that were created by Video SDK Reactjs app React Native	2	1234	March 12, 2022

Possible security bug on Zoom Video SDK and React Native

Before Creating a New Topic:

Related Topics