Skip to content

fix: Workaround FileNotFoundException on Android when recovering sessions #5084

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jamescrosswell merged 3 commits into from
Apr 7, 2026
+18 −30

Use more appropriate exception

9b6f0c2
Select commit
Loading
Failed to load commit list.
Merged

fix: Workaround FileNotFoundException on Android when recovering sessions #5084

Use more appropriate exception
9b6f0c2
Select commit
Loading
Failed to load commit list.
@sentry/warden / warden completed Mar 30, 2026 in 2m 11s

1 issue

Low

TOCTOU race condition causes spurious ERROR logs when session file is deleted between check and read - `src/Sentry/GlobalSessionManager.cs:204-206`

The code checks FileExists at line 154 before reading the file at line 162 via _persistedSessionProvider. If the file is deleted between these two operations (TOCTOU race), FileNotFoundException or DirectoryNotFoundException will be thrown. Previously, these were caught and logged at DEBUG level as expected race conditions. After this change, they fall through to the generic catch (Exception ex) block which logs at ERROR level. On Android (per PR title), where the OS may clear cache files, this race is more likely and will now generate misleading ERROR logs for what is actually benign behavior.

4 skills analyzed
Skill Findings Duration Cost
code-review 0 1m 28s $0.77
find-bugs 1 2m 6s $0.96
gha-security-review 0 1m 34s $0.17
security-review 0 48.9s $0.31

Duration: 5m 57s · Tokens: 1.1M in / 16.2k out · Cost: $2.22 (+extraction: $0.00, +fix_gate: $0.00)

View more details on @sentry/warden