Tweet crashes Mac Twitter client

93 pointsby kikibobo69over 12 years ago

30 comments

mmastracover 12 years ago

The offending tweet content:<pre><code> ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ </code></pre> Edit: I've narrowed it down to the following byte sequence. I can't seem to remove any of the characters without it no longer crashing:<pre><code> 00000000 d9 88 d2 88 cd a5 cd a8 cd aa cd af 20 d2 88 d2 |............ ...| 00000010 88 d2 88 |...| 00000013 </code></pre> Hixie's unicode decoder says this is:<pre><code> U+0648 ARABIC LETTER WAW character (&#x0648;) U+0488 COMBINING CYRILLIC HUNDRED THOUSANDS SIGN character (&#x0488;) U+0365 COMBINING LATIN SMALL LETTER I character (&#x0365;) U+0368 COMBINING LATIN SMALL LETTER C character (&#x0368;) U+036A COMBINING LATIN SMALL LETTER H character (&#x036A;) U+036F COMBINING LATIN SMALL LETTER X character (&#x036F;) U+0020 SPACE character U+0488 COMBINING CYRILLIC HUNDRED THOUSANDS SIGN character (&#x0488;) U+0488 COMBINING CYRILLIC HUNDRED THOUSANDS SIGN character (&#x0488;) U+0488 COMBINING CYRILLIC HUNDRED THOUSANDS SIGN character (&#x0488;)</code></pre>

评论 #5237614 未加载

评论 #5237611 未加载

a_pover 12 years ago

This is the tweet in html character entity form:<pre><code> &#1607;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#875;&#876;&#873;&#878;&#872;&#874;&#879;&#869;&#869;&#875;&#874;&#871;&#867;&#879;&#874;&#872;&#867;&#869;&#876;&#874;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#874;&#869;&#872;&#874;&#875;&#876;&#877;&#878;&#879;&#869;&#868;&#867;&#869;&#872;&#874;&#871;&#867;&#879;&#876;&#874;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#874;&#872;&#874;&#875;&#876;&#873;&#878;&#879;&#869;&#872;&#867;&#869;&#875;&#874;&#871;&#867;&#879;&#869;&#876;&#874;</code></pre>

评论 #5237862 未加载

bsg75over 12 years ago

And unfollowing only solves the problem until someone in your stream retweets it.So I retweeted it.

eksithover 12 years ago

Rendering any typeable character(s) should never crash any engine... ever. That said, unicode seems to be the last frontier for the non-viral spread of glitches.I'm somewhat reminded of this : <a href="http://stackoverflow.com/a/1732454" rel="nofollow">http://stackoverflow.com/a/1732454</a>

signed0over 12 years ago

It also crashes Chrome's current tab on OSX: <a href="http://imgur.com/vRn6Qid" rel="nofollow">http://imgur.com/vRn6Qid</a>

评论 #5237580 未加载

评论 #5237629 未加载

duskwuffover 12 years ago

For at least one application, the crash is in:<pre><code> 0 libvDSP.dylib ? + 117458 1 com.apple.CoreText TRun::TRun(TRun const&, CFRange, TRun::SubrangingStyle) + 850 2 com.apple.CoreText CTGlyphRun::CloneRange(CTRun const*, CFRange, TRun::SubrangingStyle) + 142 3 com.apple.CoreText TLine::SetLevelRange(CFRange, unsigned char, bool) + 162 4 com.apple.CoreText TLine::SetTrailingWhitespaceLevel(unsigned char) + 70 5 com.apple.CoreText TRunReorder::ReorderRuns(TBidiLevelsProvider const&, TLine&) + 122 6 com.apple.CoreText TTypesetter::FinishLineFill(TLine&, double, double) const + 142 7 com.apple.CoreText CTTypesetterCreateLine + 131 </code></pre> I'm not familar enough with CoreText internals to guess what's going wrong, though. :)

ihswover 12 years ago

Is it simply zalgo text? <a href="http://eeemo.net/" rel="nofollow">http://eeemo.net/</a>

nigglerover 12 years ago

Is this a mountain lion issue or does this affect lion and SL as well?

评论 #5237592 未加载

general_failureover 12 years ago

Does anyone else see something funky at the top most comments?

评论 #5237682 未加载

评论 #5238026 未加载

zmarnover 12 years ago

Ok, I narrowed down what kills Chrome.minimalist example:<pre><code> data:text/html;charset=utf-8,%D9%88%20%D2%88%D2%88%D2%88 </code></pre> It seems to be a problem with utf-8 vs. unicode + Times New Roman.tested on: Chrome 24.0.1312.57 | OS x 10.8.2Edit: also works with other fonts for example Arial

alpbover 12 years ago

Crashes Chrome on Mac (only the tab, not the whole process). Of course retweeted it!

lukemanover 12 years ago

I'm sure they'll have a bugfix release out soon to fix this.Nah, just kidding.

ExtraJover 12 years ago

Retweeted, of course.

zmarnover 12 years ago

Really interesting, played around with it locally and it just kill two random neighboring tabs, while not effecting others.Chrome 24.0.1312.57 | OS x 10.8.2

renanbirckover 12 years ago

No crash on either Chrome or Firefox on Arch Linux.

webbruceover 12 years ago

Yeah my twitter client is crashing now when I switch to another account that's already logged in.

ihumanover 12 years ago

This twitter account and tweet displays fine on TweetBot for iOS, but causes lag when scrolling.

itistoday2over 12 years ago

How do you type this on a Mac?

评论 #5237726 未加载

cleverjakeover 12 years ago

This is crashing nightly webkit as well, so it is likely an issue there.

zemanelover 12 years ago

Crashing for me too .. can't open Twitter.app ...OS X 10.8.2 (12C60)

Void_over 12 years ago

It also crashes Sublime Edit when pasted.

younataover 12 years ago

firefox 18.0.2 on osx seems to survive...

评论 #5237613 未加载

sebastianavinaover 12 years ago

correct me if i'm wrong, but somebody is working right now to use this bug in some piece of malicious code...

keikun17over 12 years ago

Aaaand i locked myself out of twitter.

Systemic33over 12 years ago

No crash on Chromium with Arch Linux

eridiusover 12 years ago

Doesn't crash Tweetbot or Safari.

cicloidover 12 years ago

Also crashes Tweetbot on the Mac

评论 #5238468 未加载

euniceover 12 years ago

Doesn't crash Safari on 10.8.2

youngerdryasover 12 years ago

ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪCool...Edit: Apparently it is only the unicode>ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ>ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ>ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ...How is this possible?

评论 #5238018 未加载

评论 #5237762 未加载

camusover 12 years ago

should it be considered as a new form of attack ? utf attack , or utf malware ( that's a question ).

30 comments

mmastracover 12 years ago

评论 #5237614 未加载

评论 #5237611 未加载

a_pover 12 years ago

评论 #5237862 未加载

bsg75over 12 years ago

And unfollowing only solves the problem until someone in your stream retweets it.So I retweeted it.

eksithover 12 years ago

signed0over 12 years ago

It also crashes Chrome's current tab on OSX: <a href="http://imgur.com/vRn6Qid" rel="nofollow">http://imgur.com/vRn6Qid</a>

评论 #5237580 未加载

评论 #5237629 未加载

duskwuffover 12 years ago

ihswover 12 years ago

Is it simply zalgo text? <a href="http://eeemo.net/" rel="nofollow">http://eeemo.net/</a>

nigglerover 12 years ago

Is this a mountain lion issue or does this affect lion and SL as well?

评论 #5237592 未加载

general_failureover 12 years ago

Does anyone else see something funky at the top most comments?

评论 #5237682 未加载

评论 #5238026 未加载

zmarnover 12 years ago

alpbover 12 years ago

Crashes Chrome on Mac (only the tab, not the whole process). Of course retweeted it!

lukemanover 12 years ago

I'm sure they'll have a bugfix release out soon to fix this.Nah, just kidding.

ExtraJover 12 years ago

Retweeted, of course.

zmarnover 12 years ago

Really interesting, played around with it locally and it just kill two random neighboring tabs, while not effecting others.Chrome 24.0.1312.57 | OS x 10.8.2

renanbirckover 12 years ago

No crash on either Chrome or Firefox on Arch Linux.

webbruceover 12 years ago

Yeah my twitter client is crashing now when I switch to another account that's already logged in.

ihumanover 12 years ago

This twitter account and tweet displays fine on TweetBot for iOS, but causes lag when scrolling.

itistoday2over 12 years ago

How do you type this on a Mac?

评论 #5237726 未加载

cleverjakeover 12 years ago

This is crashing nightly webkit as well, so it is likely an issue there.

zemanelover 12 years ago

Crashing for me too .. can't open Twitter.app ...OS X 10.8.2 (12C60)

Void_over 12 years ago

It also crashes Sublime Edit when pasted.

younataover 12 years ago

firefox 18.0.2 on osx seems to survive...

评论 #5237613 未加载

sebastianavinaover 12 years ago

correct me if i'm wrong, but somebody is working right now to use this bug in some piece of malicious code...

keikun17over 12 years ago

Aaaand i locked myself out of twitter.

Systemic33over 12 years ago

No crash on Chromium with Arch Linux

eridiusover 12 years ago

Doesn't crash Tweetbot or Safari.

cicloidover 12 years ago

Also crashes Tweetbot on the Mac

评论 #5238468 未加载

euniceover 12 years ago

Doesn't crash Safari on 10.8.2

youngerdryasover 12 years ago

评论 #5238018 未加载

评论 #5237762 未加载

camusover 12 years ago

should it be considered as a new form of attack ? utf attack , or utf malware ( that's a question ).