From 167c05f8a17dc38ed57cec438efd1c727c70ea0f Mon Sep 17 00:00:00 2001
From: Denver Coneybeare <dconeybe@google.com>
Date: Wed, 29 Sep 2021 11:39:33 -0400
Subject: [PATCH 1/3] Fix a crash caused by ResponseJson::MarkCompleted()
 failing to set application_data_ if parsing the JSON body fails

---
 app/rest/response_json.h      | 18 ++++++++++++++++--
 release_build_files/readme.md |  3 +++
 2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/app/rest/response_json.h b/app/rest/response_json.h
index 7ed1aa64ae..e133f0cf08 100644
--- a/app/rest/response_json.h
+++ b/app/rest/response_json.h
@@ -74,12 +74,26 @@ class ResponseJson : public Response {
     // Parse and verify JSON string in body. FlatBuffer parser does not support
     // online parsing. So we only parse the body when we get everything.
     bool parse_status = parser_->Parse(GetBody());
-    FIREBASE_ASSERT_RETURN_VOID(parse_status);
+    FIREBASE_ASSERT_MESSAGE(parse_status,
+                            "flatbuffers::Parser::Parse() failed: %s",
+                            parser_->error_.c_str());
+    if (!parse_status) {
+      application_data_.reset(new FbsTypeT());
+      Response::MarkCompleted();
+      return;
+    }
+
     const flatbuffers::FlatBufferBuilder& builder = parser_->builder_;
     flatbuffers::Verifier verifier(builder.GetBufferPointer(),
                                    builder.GetSize());
     bool verify_status = verifier.VerifyBuffer<FbsType>(nullptr);
-    FIREBASE_ASSERT_RETURN_VOID(verify_status);
+    FIREBASE_ASSERT_MESSAGE(verify_status,
+                            "flatbuffers::Verifier::VerifyBuffer() failed");
+    if (!verify_status) {
+      application_data_.reset(new FbsTypeT());
+      Response::MarkCompleted();
+      return;
+    }
 
     // UnPack application data object from FlatBuffer.
     const FbsType* body_fbs =
diff --git a/release_build_files/readme.md b/release_build_files/readme.md
index f2952f2258..63624a7ef8 100644
--- a/release_build_files/readme.md
+++ b/release_build_files/readme.md
@@ -576,6 +576,9 @@ code.
     -   Messaging (Android): Fixes an issue to receive token when
         initialize the app. 
         ([#667](https://github.com/firebase/firebase-cpp-sdk/pull/667)).
+    -   Auth (Desktop): Fix a crash that would occur if parsing the JSON
+        response from the server failed
+        ([#XXX](https://github.com/firebase/firebase-cpp-sdk/pull/XXX)).
         
 ### 8.5.0
 -   Changes

From 6e5755e79a5006a9a08bf6c699c9cff38fc9cd6e Mon Sep 17 00:00:00 2001
From: Denver Coneybeare <dconeybe@google.com>
Date: Wed, 29 Sep 2021 12:04:00 -0400
Subject: [PATCH 2/3] Update PR number in release notes

---
 release_build_files/readme.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/release_build_files/readme.md b/release_build_files/readme.md
index 63624a7ef8..48a1b3be57 100644
--- a/release_build_files/readme.md
+++ b/release_build_files/readme.md
@@ -578,7 +578,7 @@ code.
         ([#667](https://github.com/firebase/firebase-cpp-sdk/pull/667)).
     -   Auth (Desktop): Fix a crash that would occur if parsing the JSON
         response from the server failed
-        ([#XXX](https://github.com/firebase/firebase-cpp-sdk/pull/XXX)).
+        ([#692](https://github.com/firebase/firebase-cpp-sdk/pull/692)).
         
 ### 8.5.0
 -   Changes

From 606fac13ae223f62a6c7a73f7f7c0411f057d035 Mon Sep 17 00:00:00 2001
From: Denver Coneybeare <dconeybe@google.com>
Date: Wed, 29 Sep 2021 14:23:11 -0400
Subject: [PATCH 3/3] Replace FIREBASE_ASSERT_MESSAGE with LogError

---
 app/rest/response_json.h | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/app/rest/response_json.h b/app/rest/response_json.h
index e133f0cf08..237e0a2aee 100644
--- a/app/rest/response_json.h
+++ b/app/rest/response_json.h
@@ -22,6 +22,7 @@
 
 #include "app/rest/response.h"
 #include "app/src/assert.h"
+#include "app/src/log.h"
 #include "flatbuffers/idl.h"
 #include "flatbuffers/stl_emulation.h"
 
@@ -74,10 +75,9 @@ class ResponseJson : public Response {
     // Parse and verify JSON string in body. FlatBuffer parser does not support
     // online parsing. So we only parse the body when we get everything.
     bool parse_status = parser_->Parse(GetBody());
-    FIREBASE_ASSERT_MESSAGE(parse_status,
-                            "flatbuffers::Parser::Parse() failed: %s",
-                            parser_->error_.c_str());
     if (!parse_status) {
+      LogError("flatbuffers::Parser::Parse() failed: %s",
+               parser_->error_.c_str());
       application_data_.reset(new FbsTypeT());
       Response::MarkCompleted();
       return;
@@ -87,9 +87,8 @@ class ResponseJson : public Response {
     flatbuffers::Verifier verifier(builder.GetBufferPointer(),
                                    builder.GetSize());
     bool verify_status = verifier.VerifyBuffer<FbsType>(nullptr);
-    FIREBASE_ASSERT_MESSAGE(verify_status,
-                            "flatbuffers::Verifier::VerifyBuffer() failed");
     if (!verify_status) {
+      LogError("flatbuffers::Verifier::VerifyBuffer() failed");
       application_data_.reset(new FbsTypeT());
       Response::MarkCompleted();
       return;