Results 1 to 11 of 11

Thread: OSX users suffering from unicode bug DoS issue.

  1. #1
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,164
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts

    OSX users suffering from unicode bug DoS issue.

    Whilst I would never suggest people tweet out a certain unicode string, which causes anyone on OSX using the twitter client to crash, I will say, it is damned funny.

    http://www.jwz.org/blog/2013/02/you-...ty-characters/

    This is part of an ongoing bug in OSX with the way it handles unicode strings. In fact just putting this:
    ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ
    Is enough to upset users of Safari apparently, creating render bugs and high CPU useage.

    So kids, watch what you tweet, and OSX users beware of strange DoS attacks over the next few months until it gets patched.
    throw new ArgumentException (String, String, Exception)

  2. #2
    Senior Member Smudger's Avatar
    Join Date
    Oct 2005
    Location
    St Albans
    Posts
    3,834
    Thanks
    643
    Thanked
    608 times in 444 posts
    • Smudger's system
      • Motherboard:
      • Gbyte GA-970A-UD3P
      • CPU:
      • AMD FX8320 Black Edition
      • Memory:
      • 16GB 2x8G CML16GX3M2A1600C10
      • Storage:
      • 1x240Gb Corsair M500, 2TB TOSHIBA DT01ACA200
      • Graphics card(s):
      • XFX Radeon HD4890 1GB
      • PSU:
      • Corsair HX520
      • Case:
      • Akasa Zen
      • Operating System:
      • Windows 10 Home
      • Monitor(s):
      • Dell 24"
      • Internet:
      • Virgin 200Mbit

    Re: OSX users suffering from unicode bug DoS issue.

    Is that supposed to leave a smear of characters on the screen? That's what I'm getting on Chrome on Win 7...

  3. #3
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,164
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts

    Re: OSX users suffering from unicode bug DoS issue.

    Chrome just renders it oddly.

    Anything that uses the OSX API has bigger issues, this is part of a whole host of bugs that emerged a few days ago in the core text rendering services.

    People have been saying for a while that unicode support can lead to fishing and misdirection attacks, apple have accidently left a DoS vuln in there too. You can bet that all the black hats are circling this one.
    throw new ArgumentException (String, String, Exception)

  4. #4
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Gateshead
    Posts
    15,196
    Thanks
    1,230
    Thanked
    2,291 times in 1,874 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 2x 4GB DDR4 2666
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: OSX users suffering from unicode bug DoS issue.

    Quote Originally Posted by Smudger View Post
    Is that supposed to leave a smear of characters on the screen? That's what I'm getting on Chrome on Win 7...
    Firefox too. AFAICT it's a large number of combining characters which means you end up with stupid amounts of accents and diacritics stacked on top of each other; i.e. it's not actually something that's meant to render nicely...

  5. #5
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,164
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts

    Re: OSX users suffering from unicode bug DoS issue.

    It's not the fact its a 'strange rendering issue'

    Its the fact that a core API function ****s up.

    This means that any application which tries to render text is at risk of a DoS issue at present. However as some are speculating there might be a chance to execute code related to this as well.

    As rendering text from a source that is often un-trusted is a key part of many apps, such as twitter, or email (there are some demos of this already bombing the email client, until the email is deleted by another means the user can not open email).

    A serious, yet interesting bug brought in by unicode support. The kind of support 99% of users won't ever need.
    throw new ArgumentException (String, String, Exception)

  6. #6
    mush-mushroom b0redom's Avatar
    Join Date
    Oct 2005
    Location
    Middlesex
    Posts
    3,438
    Thanks
    174
    Thanked
    362 times in 279 posts
    • b0redom's system
      • Motherboard:
      • Some iMac thingy
      • CPU:
      • 3.4Ghz Quad Core i7
      • Memory:
      • 24GB
      • Storage:
      • 3TB Fusion Drive
      • Graphics card(s):
      • nViidia GTX 680MX
      • PSU:
      • Some iMac thingy
      • Case:
      • Late 2012 pointlessly thin iMac enclosure
      • Operating System:
      • OSX 10.8 / Win 7 Pro
      • Monitor(s):
      • Dell 2713H
      • Internet:
      • Be+

    Re: OSX users suffering from unicode bug DoS issue.

    Without unduly wishing to bring fact into this. I'm replying to this forum post in Safari on OSX. Your string renders a bit peculiarly, but hasn't caused a crash or any other problem.

  7. #7
    Not a good person scaryjim's Avatar
    Join Date
    Jan 2009
    Location
    Gateshead
    Posts
    15,196
    Thanks
    1,230
    Thanked
    2,291 times in 1,874 posts
    • scaryjim's system
      • Motherboard:
      • Dell Inspiron
      • CPU:
      • Core i5 8250U
      • Memory:
      • 2x 4GB DDR4 2666
      • Storage:
      • 128GB M.2 SSD + 1TB HDD
      • Graphics card(s):
      • Radeon R5 230
      • PSU:
      • Battery/Dell brick
      • Case:
      • Dell Inspiron 5570
      • Operating System:
      • Windows 10
      • Monitor(s):
      • 15" 1080p laptop panel

    Re: OSX users suffering from unicode bug DoS issue.

    Quote Originally Posted by TheAnimus View Post
    It's not the fact its a 'strange rendering issue'
    I'm aware there's a wider issue, I was just replying to Smudger's question about rendering. How widespread the problem is is brought into question by boredom's addition to the thread. Assuming there is a genuine issue, then it's a major concern, although I wouldn't be at all surprised to see Apple handwave it in the very near future ...

  8. #8
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,164
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts

    Re: OSX users suffering from unicode bug DoS issue.

    Quote Originally Posted by b0redom View Post
    Without unduly wishing to bring fact into this. I'm replying to this forum post in Safari on OSX. Your string renders a bit peculiarly, but hasn't caused a crash or any other problem.
    Thats inline with the original link and HN comments too.

    Try running that string via twitter, apparently there is one for crashing mail too.
    throw new ArgumentException (String, String, Exception)

  9. #9
    Senior Member Stringent's Avatar
    Join Date
    Jul 2003
    Location
    Neverland
    Posts
    5,227
    Thanks
    45
    Thanked
    155 times in 117 posts
    • Stringent's system
      • Motherboard:
      • Intel DQ57TM
      • CPU:
      • Intel i5 760
      • Memory:
      • 8GB
      • Storage:
      • 1TB
      • Graphics card(s):
      • NVIDIA Geforce 260GTX
      • PSU:
      • Corsair HX620
      • Case:
      • Coolermaster Centurion
      • Operating System:
      • Microsoft Windows 7 Ultimate x64
      • Monitor(s):
      • Dual Iiyama 24"
      • Internet:
      • Patchy

    Re: OSX users suffering from unicode bug DoS issue.

    Chrome just crashes when I load this thread, Safari loads it, but as you say, displays oddly your quote.

  10. #10
    Seething Cauldron of Hatred TheAnimus's Avatar
    Join Date
    Aug 2005
    Posts
    17,164
    Thanks
    803
    Thanked
    2,152 times in 1,408 posts

    Re: OSX users suffering from unicode bug DoS issue.

    Quote Originally Posted by Stringent View Post
    Chrome just crashes when I load this thread, Safari loads it, but as you say, displays oddly your quote.
    Chrome under OSX?

    It shouldn't crash? Because it uses its own rendering? Which version out of interest?

    (Also once again people, don't tweet this for fun at apple loving celebs, steven fry must be so sick of it already)
    throw new ArgumentException (String, String, Exception)

  11. #11
    Sublime HEXUS.net
    Join Date
    Jul 2003
    Location
    The Void.. Floating
    Posts
    11,819
    Thanks
    213
    Thanked
    233 times in 160 posts
    • Stoo's system
      • Motherboard:
      • Mac Pro
      • CPU:
      • 2*Xeon 5450 @ 2.8GHz, 12MB Cache
      • Memory:
      • 32GB 1600MHz FBDIMM
      • Storage:
      • ~ 2.5TB + 4TB external array
      • Graphics card(s):
      • ATI Radeon HD 4870
      • Case:
      • Mac Pro
      • Operating System:
      • OS X 10.7
      • Monitor(s):
      • 24" Samsung 244T Black
      • Internet:
      • Zen Max Pro

    Re: OSX users suffering from unicode bug DoS issue.

    Causes no issues on Safari 6.0.2 or Firefox 18 on 10.8.2, but kills the twitter app, and Chrome 24.0.1312.57..
    (\__/)
    (='.'=)
    (")_(")

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •