Bug in iOS Unicode handling crashes iPhones with a simple text
A peculiar iOS bug apparently that allows pranksters to crash a victim's iPhone by sending a text message from their own iPhone containing what appears to be a single line of seemingly innocuous Arabic script.
AppleInsider reader Kaitlyn on Tuesday discovered that receiving the Unicode characters seen in the screenshot above through Apple's iOS Messages app triggers iPhone restarts, lockouts from Messages, Springboard crashes and more.
A thread on Reddit narrowed down the system crash and reboot errors to iOS Unicode handling. More specifically, the Unicode string in question is part of a much longer block of text that cannot be fully rendered in Notifications.
When a text or iMessage containing the text string is received and presented in the lock screen or as a drop-down notification, iOS gobbles up resources trying to render the message, ultimately causing Springboard to crash. The same line of code doesn't cause problems when received as part of a normal Messages conversation, suggesting the issue lies in part with iOS Notifications.
Some suggest turning off Messages previews for Notifications, though our tests have not shown this process to be effective. If Messages has already crashed, however, AppleInsider has confirmed that receiving a new message, sending out a picture from Photos or sending yourself a message through Share Sheets will stop the process.
AppleInsider reader Kaitlyn on Tuesday discovered that receiving the Unicode characters seen in the screenshot above through Apple's iOS Messages app triggers iPhone restarts, lockouts from Messages, Springboard crashes and more.
A thread on Reddit narrowed down the system crash and reboot errors to iOS Unicode handling. More specifically, the Unicode string in question is part of a much longer block of text that cannot be fully rendered in Notifications.
When a text or iMessage containing the text string is received and presented in the lock screen or as a drop-down notification, iOS gobbles up resources trying to render the message, ultimately causing Springboard to crash. The same line of code doesn't cause problems when received as part of a normal Messages conversation, suggesting the issue lies in part with iOS Notifications.
Some suggest turning off Messages previews for Notifications, though our tests have not shown this process to be effective. If Messages has already crashed, however, AppleInsider has confirmed that receiving a new message, sending out a picture from Photos or sending yourself a message through Share Sheets will stop the process.
Comments
Apple is just resisting socialism by letting this crash the phone.
As the Joker would say, very poor choice of words.
It's says "Apple is doomed buy Samsung's copy instead" in Arabic.
/s
Thanks for that brain cell killing trash post.
And as someone who can read Arabic, you can all rest assured that message is nothing but random letters.
http://arstechnica.com/apple/2013/08/rendering-bug-crashes-os-x-and-ios-apps-with-string-of-arabic-characters/
They have access to the whole alphabet before they deploy this, how hard is it to run a whole series of character strings through it to check if it crashes? Worst case if Messages detects a crash 2 or 3 times, have a procedure to collapse the last few messages to allow the app to open and delete the offending message. Or have the text rendering process separate from the app the way the Safari content engine is so it can crash by itself and leave the app open.
And just to show how dumb today's society is, there are people intentionally trying to crash their phone with this. WTF? Unless you work at Apple and are responsible for fixing software bugs why on earth would you try to replicate this?
1- Because it's better to know what causes the crash in order to avoid it
2- Because the lack of understanding gnaws at the soul of any scholar, researcher, and hacker worth its salt
3- Because a bug report is much more likely to be useful if it states the exact problem rather than "my iMessages sucks it crashes I liked my Samsung better"
4- Because programmers like to debug stuff, even if it's not their awful mess (and it would seem that Apple has a few awful messes laying around, based on the security issues we've read of here), which is a good thing (if you need an analogy, your sentence reads a bit like "journalists are intentionally spreading rumours of trouble with this.WTF? Unless you work at the Government and are responsible for lawful presidential conduct why on earth would you try to uncover this?").
In other words, people narrowing bugs down is a good thing.
No I'm specifically talking about the average Joe who hears about this on AI or MR and then tries to replicate it. Stupid.
No I'm specifically talking about the average Joe who hears about this on AI or MR and then tries to replicate it. Stupid.
Oh, I understand your point now. I guess if it teaches something to them as well, like the fact there even is a difference between encodings, the existence of Unicode ( and UTF-8 being compatible with ASCII, and some characters like ? being platform dependent...) and ISO 8859-6 (or whatever else they used to generate the Arabic in the first place), it's not entirely lost, but it's sadly likely that Average Joe will indeed just try to find a pre-made "crash string" to send to his friends and not even try to understand the logic behind the problem...
And just to show how dumb today's society is, there are people intentionally trying to crash their phone with this. WTF? Unless you work at Apple and are responsible for fixing software bugs why on earth would you try to replicate this?
Clearly for the lulz. I fail to see why this is a big deal - except for Apple's reputation.
They wouldn't have to test every character that's supported, just every character that is in active use and they can flag characters outside their tested set for added checking. The combinations would still reach trillions of trillions but supercomputers can crunch through quadrillions of computations per second now so they could test a significant range. The easiest way would probably be to have a buffered rendering step so they'd take the string, run a new process and render it there first. If that process renders ok, either use the result or run it again in the main app. If that separate process crashes or fails in some way, just put up a message saying that the string failed to render.
er, no - the average joe spends zero time on tech rumor sites. generally we're techies here, and we like to play with things like this for fun.
And just to show how dumb today's society is, there are people intentionally trying to crash their phone with this. WTF? Unless you work at Apple and are responsible for fixing software bugs why on earth would you try to replicate this?
Why not? People are curious and this seems harmless enough to send to _yourself_. As long as there is an "out" who cares.
It's on Reddit and every other publication about this (which is about 5 now) that I've read. Not hard to find at all.
Why not? People are curious and this seems harmless enough to send to _yourself_. As long as there is an "out" who cares.
It's also pretty funny any time you can control someone else's experience as a prank. When I was an intern engineer back in the day, we used to "net send" all sorts of silly stuff to the artists on the team, who were not up on the technical tools.