Tweet crashes Mac Twitter client

jwz.org

93 points by kikibobo69 13 years ago · 60 comments

mmastrac 13 years ago

The offending tweet content:

      ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ

Edit: I've narrowed it down to the following byte sequence. I can't seem to remove any of the characters without it no longer crashing:

    00000000  d9 88 d2 88 cd a5 cd a8  cd aa cd af 20 d2 88 d2  |............ ...|
    00000010  88 d2 88                                          |...|
    00000013

Hixie's unicode decoder says this is:

    U+0648 ARABIC LETTER WAW character (و)
    U+0488 COMBINING CYRILLIC HUNDRED THOUSANDS SIGN character (҈)
    U+0365 COMBINING LATIN SMALL LETTER I character (ͥ)
    U+0368 COMBINING LATIN SMALL LETTER C character (ͨ)
    U+036A COMBINING LATIN SMALL LETTER H character (ͪ)
    U+036F COMBINING LATIN SMALL LETTER X character (ͯ)
    U+0020 SPACE character
    U+0488 COMBINING CYRILLIC HUNDRED THOUSANDS SIGN character (҈)
    U+0488 COMBINING CYRILLIC HUNDRED THOUSANDS SIGN character (҈)
    U+0488 COMBINING CYRILLIC HUNDRED THOUSANDS SIGN character (҈)
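
As an added example (not part of mmastrac's comment or any code from the thread), this Python sketch decodes the reduced byte sequence quoted above and shows a generic input-hygiene check for user-supplied text: measuring and capping runs of stacked combining marks. The function names and the limit of 2 marks per base character are assumptions, and this is not a fix for the CoreText bug itself.

```python
import unicodedata

# Byte sequence from the hex dump quoted in the comment above (19 bytes).
REDUCED_HEX = "d9 88 d2 88 cd a5 cd a8 cd aa cd af 20 d2 88 d2 88 d2 88"

MARK_CATEGORIES = {"Mn", "Mc", "Me"}  # nonspacing, spacing and enclosing marks


def describe(data: bytes):
    """Decode strictly as UTF-8 and return (code point, category, name) rows."""
    text = data.decode("utf-8", errors="strict")
    return [
        (f"U+{ord(ch):04X}", unicodedata.category(ch), unicodedata.name(ch, "<unnamed>"))
        for ch in text
    ]


def longest_mark_run(text: str) -> int:
    """Length of the longest run of consecutive combining marks."""
    longest = run = 0
    for ch in text:
        run = run + 1 if unicodedata.category(ch) in MARK_CATEGORIES else 0
        longest = max(longest, run)
    return longest


def cap_marks(text: str, limit: int = 2) -> str:
    """Drop combining marks beyond `limit` in a row (limit is an assumed policy)."""
    out, run = [], 0
    for ch in text:
        if unicodedata.category(ch) in MARK_CATEGORIES:
            run += 1
            if run > limit:
                continue  # excess stacked mark: skip it
        else:
            run = 0  # any non-mark character starts a new cluster
        out.append(ch)
    return "".join(out)


if __name__ == "__main__":
    raw = bytes.fromhex(REDUCED_HEX)
    for row in describe(raw):
        print(*row)
    text = raw.decode("utf-8")
    print("longest mark run:", longest_mark_run(text))
    print("after cap:", [f"U+{ord(c):04X}" for c in cap_marks(text)])
```
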

  • spdy 13 years ago

    Interesting: on Chrome version 24.0.1312.57 the tab crashes when I try to view the tweet, but not here.

    Can someone explain what is happening and why the tweet is affecting the tab and this post does not?

    In the end both just render unicode characters. And it looks like only Firefox is able to display it correctly on OSX 10.8.

    • DouweM 13 years ago

      Chrome uses OS X's CoreText for rendering the tab titles, but uses its own text rendering engine for the site body. CoreText is the one that crashes on that unicode.

      • nieve 13 years ago

        Meanwhile on Chromium 26.0.1384.0 (build 176849) on OS X Lion everything is fine for me. The titlebar is (appropriately for the typography) messed up, but there are no tab loading issues, cpu/memory spikes, or screen corruption. The closest thing to an issue I see is that it makes using Witch's window switch dialogue a bit ugly. Contrary to the thread on jwz's journal YoruFukurou 2.77 doesn't crash or misbehave for me viewing that tweet, but behind the scenes fontd uses up a decent chunk of cpu for several seconds. Perhaps Mountain Lion has more severe bugs in CoreText?

      • NelsonMinar 13 years ago

        And apparently Twitter puts the content of a tweet in the <title> tag if you are on the page for a single tweet. Surprised that doesn't cause more problems.

        • lutusp 13 years ago

          > And apparently Twitter puts the content of a tweet in the <title> tag if you are on the page for a single tweet.

          Nope, Twitter uses a shortened, ellipsized version of the tweet as <title> ... </title>. Still, if there's Unicode in the shortened version, it might have the same outcome.

      • zmarn 13 years ago

        After reducing the html-code in the site, it seems to me that it is not the title that causes the crash, but the p-tag with the specific css-style applied.

  • spydum 13 years ago

    Wow that renders all sorts of glitchy on iPad/safari

a_p 13 years ago

This is the tweet in html character entity form:

  &#1607;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#875;&#876;&#873;&#878;&#872;&#874;&#879;&#869;&#869;&#875;&#874;&#871;&#867;&#879;&#874;&#872;&#867;&#869;&#876;&#874;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#874;&#869;&#872;&#874;&#875;&#876;&#877;&#878;&#879;&#869;&#868;&#867;&#869;&#872;&#874;&#871;&#867;&#879;&#876;&#874;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#1160;&#874;&#872;&#874;&#875;&#876;&#873;&#878;&#879;&#869;&#872;&#867;&#869;&#875;&#874;&#871;&#867;&#879;&#869;&#876;&#874;

  • Groxx 13 years ago

    Would you mind indenting that two spaces so it shows up

      like this
    
    rather than breaking the page layout?

bsg75 13 years ago

And unfollowing only solves the problem until someone in your stream retweets it.

So I retweeted it.

eksith 13 years ago

Rendering any typeable character(s) should never crash any engine... ever. That said, unicode seems to be the last frontier for the non-viral spread of glitches.

I'm somewhat reminded of this: http://stackoverflow.com/a/1732454

signed0 13 years ago

It also crashes Chrome's current tab on OSX: http://imgur.com/vRn6Qid

duskwuff 13 years ago

For at least one application, the crash is in:

    0   libvDSP.dylib                 	? + 117458
    1   com.apple.CoreText            	TRun::TRun(TRun const&, CFRange, TRun::SubrangingStyle) + 850
    2   com.apple.CoreText            	CTGlyphRun::CloneRange(CTRun const*, CFRange, TRun::SubrangingStyle) + 142
    3   com.apple.CoreText            	TLine::SetLevelRange(CFRange, unsigned char, bool) + 162
    4   com.apple.CoreText            	TLine::SetTrailingWhitespaceLevel(unsigned char) + 70
    5   com.apple.CoreText            	TRunReorder::ReorderRuns(TBidiLevelsProvider const&, TLine&) + 122
    6   com.apple.CoreText            	TTypesetter::FinishLineFill(TLine&, double, double) const + 142
    7   com.apple.CoreText            	CTTypesetterCreateLine + 131

I'm not familiar enough with CoreText internals to guess what's going wrong, though. :)

ihsw 13 years ago

Is it simply zalgo text? http://eeemo.net/

niggler 13 years ago

Is this a mountain lion issue or does this affect lion and SL as well?

  • _delirium 13 years ago

    Not seeing any crashes on 10.6.x ("Snow Lion") here.

    • Zirro 13 years ago

      It's "Snow Leopard". Apple isn't running low enough on cats to have to resort to mythological ones just yet ;-)

      • _delirium 13 years ago

        Hah, you are of course correct. I can never keep the order of OSX cats straight, so I had to look up which one 10.6.x was. But then I typed it out wrong even after doing so!

        • niggler 13 years ago

          Unfortunately SL,L,ML doesn't suffice because Leopard (10.5) is also L :/

          Though it should be noted that there is no other version that starts with 'S' ...

general_failure 13 years ago

Does anyone else see something funky at the top most comments?

zmarn 13 years ago

Ok, I narrowed down what kills Chrome.

minimalist example:

  data:text/html;charset=utf-8,<p style='font-family: "Times New Roman";'>%D9%88%20%D2%88%D2%88%D2%88

It seems to be a problem with utf-8 vs. unicode + Times New Roman.

Tested on: Chrome 24.0.1312.57 | OS X 10.8.2

Edit: also works with other fonts for example Arial

alpb 13 years ago

Crashes Chrome on Mac (only the tab, not the whole process). Of course retweeted it!

lukeman 13 years ago

I'm sure they'll have a bugfix release out soon to fix this.

Nah, just kidding.

ExtraJ 13 years ago

Retweeted, of course.

zmarn 13 years ago

Really interesting, played around with it locally and it just kills two random neighboring tabs, while not affecting others.

Chrome 24.0.1312.57 | OS X 10.8.2

renanbirck 13 years ago

No crash on either Chrome or Firefox on Arch Linux.

webbruce 13 years ago

Yeah my twitter client is crashing now when I switch to another account that's already logged in.

ihuman 13 years ago

This twitter account and tweet displays fine on TweetBot for iOS, but causes lag when scrolling.

itistoday2 13 years ago

How do you type this on a Mac?

  • myhf 13 years ago

    You could turn on "Unicode Hex Input" in System Preferences > Language & Text > Input Sources and type in the unicode characters one at a time.

cleverjake 13 years ago

This is crashing nightly webkit as well, so it is likely an issue there.

zemanel 13 years ago

Crashing for me too .. can't open Twitter.app ...

OS X 10.8.2 (12C60)

Void_ 13 years ago

It also crashes Sublime Edit when pasted.

younata 13 years ago

firefox 18.0.2 on osx seems to survive...

sebastianavina 13 years ago

Correct me if I'm wrong, but somebody is working right now to use this bug in some piece of malicious code...

keikun17 13 years ago

Aaaand I locked myself out of Twitter.

Systemic33 13 years ago

No crash on Chromium with Arch Linux

eridius 13 years ago

Doesn't crash Tweetbot or Safari.

cicloid 13 years ago

Also crashes Tweetbot on the Mac

  • objclxt 13 years ago

    If it's a CoreText bug, which it sounds like it is, it's going to impact any iOS or OS X app that uses Core Text for rendering. That's pretty much everyone.

eunice 13 years ago

Doesn't crash Safari on 10.8.2

youngerdryas 13 years ago

<p class="js-tweet-text tweet-text ">ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ</p>

Cool.

.

.

Edit: Apparently it is only the unicode

>ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ>ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ>ه҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͫͬͩͮͨͪͯͥͥͫͪͧͣͯͪͨͣͥͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͥͨͪͫͬͭͮͯͥͤͣͥͨͪͧͣͯͬͪ ҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈҈ͪͨͪͫͬͩͮͯͥͨͣͥͫͪͧͣͯͥͬͪ

.

.

.

How is this possible?

camus 13 years ago

Should it be considered a new form of attack? UTF attack, or UTF malware (that's a question).
