Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment: Re:Lol (Score 1) 198

by Guy Harris (#49788731) Attached to: A Text Message Can Crash An iPhone and Force It To Reboot

Just because it's unlikely with a real text string doesn't mean that any of the text is invalid for a message. The text string should still not need to be changed. The bug only affects notifications, and it's clear that the text can be displayed just fine in conversation view.

This is almost certainly due to splitting multibyte characters on sub-character boundaries.

Or mishandling combining characters; the screenshot geminidomino provided shows several combining characters, as indicated by the dotted-line circles in some of the glyphs (and I suspect some of the marks above the Arabic characters come from combining characters as well).

Comment: Re: Lol (Score 1) 198

by Guy Harris (#49788723) Attached to: A Text Message Can Crash An iPhone and Force It To Reboot

No, the problem is code that pretends that illegal UTF-8 sequences magically don't exist!

Where's the illegal UTF-8 sequence in the message? Is the actual octet sequence in the message different from what's in this Slashdot posting (once converted to a sequence of octets), which contains no invalid UTF-8 sequences (yes, I went through them all by hand)?

Comment: Re:What is the string? (Score 1) 198

by Guy Harris (#49788709) Attached to: A Text Message Can Crash An iPhone and Force It To Reboot

That's the string encoded as UTF-8, so it's more like

50 6f 77 65 72 20 d9 84 d9 8f d9 84 d9 8f d8 b5 d9 91 d8 a8 d9 8f d9 84 d9 8f d9 84 d8 b5 d9 91 d8 a8 d9 8f d8 b1 d8 b1 d9 8b 20 e0 a5 a3 20 e0 a5 a3 68 20 e0 a5 a3 20 e0 a5 a3 20 e5 86 97

If we turn that into a sequence of (21-bit) Unicode code points, it becomes

000050 00006f 000077 000065 000072 000020 000644 00064f 000644 00064f 000635 000651 000628 00064f 000644 00064f 000644 000635 000651 000628 00064f 000631 000631 00064b 000020 000963 000020 000963

...with 000068 000020 000963 000020 000963 000020 005197 following it (I quit translating too early)

which, encoded as UTF-16, is

0050 006f 0077 0065 0072 0020 0644 064f 0644 064f 0635 0651 0628 064f 0644 064f 0644 0635 0651 0628 064f 0631 0631 064b 0020 0963 0020 0963

...with 0068 0020 0963 0020 0963 0020 5197 following it.

As UTF-16, there are no surrogate pairs, so the bug presumably isn't a problem with handling UTF-16-encoded Unicode characters bigger than 00FFFF.

Still true with the corrections.

Comment: Re:What is the string? (Score 1) 198

by Guy Harris (#49787595) Attached to: A Text Message Can Crash An iPhone and Force It To Reboot

In hex, the string is:

506f 7765 7220 d984 d98f d984 d98f d8b5 d991 d8a8 d98f d984 d98f d984 d8b5 d991 d8a8 d98f d8b1 d8b1 d98b 20e0 a5a3 20e0 a5a3 6820 e0a5 a320 e0a5 a320 e586 97

That's the string encoded as UTF-8, so it's more like

50 6f 77 65 72 20 d9 84 d9 8f d9 84 d9 8f d8 b5 d9 91 d8 a8 d9 8f d9 84 d9 8f d9 84 d8 b5 d9 91 d8 a8 d9 8f d8 b1 d8 b1 d9 8b 20 e0 a5 a3 20 e0 a5 a3 68 20 e0 a5 a3 20 e0 a5 a3 20 e5 86 97

If we turn that into a sequence of (21-bit) Unicode code points, it becomes

000050 00006f 000077 000065 000072 000020 000644 00064f 000644 00064f 000635 000651 000628 00064f 000644 00064f 000644 000635 000651 000628 00064f 000631 000631 00064b 000020 000963 000020 000963

which, encoded as UTF-16, is

0050 006f 0077 0065 0072 0020 0644 064f 0644 064f 0635 0651 0628 064f 0644 064f 0644 0635 0651 0628 064f 0631 0631 064b 0020 0963 0020 0963

As UTF-16, there are no surrogate pairs, so the bug presumably isn't a problem with handling UTF-16-encoded Unicode characters bigger than 00FFFF.

I suspect that the string is probably being processed as UTF-16, because that's how CFString/NSString are encoded internally and because code handling UTF-8 that can't handle multi-byte characters couldn't handle anything other than ASCII.

U+0963 is DEVANAGARI VOWEL SIGN VOCALIC LL, which is a nonspacing mark; my guess is that it (or perhaps some other character in that sequence that's a combining character) is getting split, by the ellipsis, from the character with which it's supposed to combine, and that the rendering code is blowing up because of that.

If so, this has nothing to do with UTF-16 being too hard to handle correctly, or with the code not being able to handle characters that are "too many bytes", it has to do with sequences of characters sometimes having to be handled specially, and not just blithely split between characters.

It starts with "Power ", but I guess that's not important.

It might make the string long enough that the code displaying it on the main screen would abbreviate it and thus insert an ellipse.

Comment: Re:Lol (Score 1) 198

by Guy Harris (#49787081) Attached to: A Text Message Can Crash An iPhone and Force It To Reboot

Yes, it is. Any input that will crash your library needs to be sanitized. You need to truncate the message on display, at the bad character.

Where has it ever been stated that the message, as sent to the phone, contains a bad character? Everything I've read indicates that the problem is that the code that's displaying the message is inserting an ellipsis in the middle of a perfectly valid character, making the resulting string invalid.

That's not un-sanitized input, it's bad output, from buggy code.

Comment: Re:Machine learning? (Score 1) 183

by Guy Harris (#49748949) Attached to: DNA On Pizza Crust Leads To Quadruple Murder Suspect

Actually, I found it rather interesting to consider -- given that African Americans are so fond of shouting oppression. Yet they seem to have flourished here rather well, with plenty of opportunity to advance in society, have many elected officials and business leaders and finally, even a President.

So when did we have a US President who was the descendant of slaves brought over to the US?

Comment: Re:somebody is trying too hard. (Score 1) 90

by Guy Harris (#49707233) Attached to: On the Taxonomy of Sci-Fi Spaceships

There is no consistent approach and due to various changes, even the historical usage varies considerably

No kidding. My Corvette is usually only manned by me, and occasionally one other person. It has no armament, and scares the hell out of me when it gets off the ground, let alone leaves the atmosphere. And it might as well be parked, even at top speed, when compared to the slowest space faring vehicles.

James, did you take your stepfather's car again? You'll wreck that thing some day. It's over 250 years old, so it's a real classic, and he'll be pretty upset if you ruin it.

Comment: Re:Uh... (Score 2) 270

by Guy Harris (#49670187) Attached to: Swift Vs. Objective-C: Why the Future Favors Swift

Since when is embedded programming associated with "immersive, responsive, consumer-facing applications"? I don't think Swift is going to replace C anytime soon in that department.

It was not obvious from the summary what the heck was meant by "embedded programming". In TFA, in addition to the quoted paragraph, the word "embedded" is also used in "The ability to defer loading in a mobile app or an embedded app on Apple Watch will improve the perceived performance to the user.", "Swift provides the development community a direct way to influence a language that will be used to create apps, embedded systems (if Apple ever licenses an embedded framework and chip for third parties), and devices like the Apple Watch.", and "Ultimately, Swift is a more approachable full-featured programming language that will allow developers to not only build apps but also target embedded systems like the new lower-power Apple Watch for many years to come."

So if he's referring to the Apple Watch, maybe. If he's not, I'm not sure what the heck he's referring to; "embedded systems (if Apple ever licenses an embedded framework and chip for third parties)" sounds like hand-waving. Is he expecting Apple to be pushing Darwin into the *ahem* Internet of Things or some such?

Comment: Re:No, but your own choices are. (Score 1) 179

by Guy Harris (#49645207) Attached to: Is Facebook Keeping You In a Political Bubble?

Look my American friends: raising minimum wage is the opposite of liberal and also the opposite of conservative. One problem of this world is, that you cannot use the correct name for it, because that word is a criminal in USA the land of the free speak.

OK, this presumably isn't the word you're thinking of, because 1) "the means of production, distribution, and exchange [being] owned or regulated by the community as a whole" doesn't necessarily mean that there will even be a minimum wage, or wages of any sort and 2) you don't have to have "the means of production, distribution, and exchange [being] owned or regulated by the community as a whole" in order to have a minimum wage with a given level.

So, either 1) the word in question doesn't (solely) mean what the OED entry in question says it means or 2) that word isn't the name you had in mind. Which is it?

Comment: Re:No, but your own choices are. (Score 5, Interesting) 179

by Guy Harris (#49643845) Attached to: Is Facebook Keeping You In a Political Bubble?

If you de-friend someone (or large groups of someones), their stories are basically not going to be on your feed in the first place, and liberals have been shown to be more likely to de-friend conservatives over political differences than conservatives de-friend liberals http://www.washingtonpost.com/blogs/the-switch/wp/2014/10/21/liberals-are-more-likely-to-unfriend-you-over-politics-online-and-off/

Perhaps because, as the article you cite says:

However, that doesn't mean liberals necessarily like all of the ideas they see. Consistent liberals were the most likely group to block or unfriend someone because they disagreed with their political postings, with 44 percent saying they had "hidden, blocked, defriended, or stopped following someone" on Facebook due to their political postings. Only roughly one-third (31 percent) of consistent conservatives had done the same -- although this might be attributable to lower levels of ideological diversity in their online ecosystem.

And that conservative echochamber isn't limited to conservatives' online interactions: It's a reflection of the lack of ideological diversity in their real life relationships. Two-thirds of consistent conservatives told Pew that most of their close friends share their views on government and politics, compared to just over half, or 52 percent, of consistent liberals. For mostly conservatives, 42 percent of their close friends have the same views, while just 26 percent of mostly liberals respondents who said the same.

so maybe liberals have more conservative "friends" to de-"friend" than conservatives have liberal "friends" to de-"friend".

"Your attitude determines your attitude." -- Zig Ziglar, self-improvement doofus

Working...