Re: How to recognize mutability?
Hi Everybody, I step in here, with my two euro cents worth. I see a basic design flaw happening here. That is you do not to be doing consistency checks. It is possible to find out if something goes wrong during the arching process. Check the API for NSKeyedArchiver. Maybe, I am to old school, but I have learned working with any similar to a database you need consistency checks before you commit. The same goes for any input to a program. Either, control the input to your system, or make sure it does not cause problems. regards Keith. Am 22.02.2013 um 07:37 schrieb Alex Zavatone z...@mac.com: On Feb 22, 2013, at 1:15 AM, Jens Alfke wrote: On Feb 21, 2013, at 8:34 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: Well, the opposite of: can store all strings is: can store only certain strings. My point is that the number of unstorable strings is greater than zero. Whether it is 1 or any other number is quite beside the point. Yes. What makes this so bad is that it’s pretty likely that some strings stored in an archive are created outside the program’s control, i.e. by a user (or worse, possibly from data received over a network.) That means you have to explicitly guard against un-archivable strings, maybe by escaping them somehow, or run the risk of crashes or corruption. And we don’t even know for sure what the full set of un-archivable strings is. It also doesn’t matter how obscure/unlikely those illegal inputs are. Let’s say you wrote an IRC client that persists transcripts using an NSKeyedArchiver, with a data structure where every message is an NSString. Makes sense. So then all someone has to do is type the message “$null” into an IRC chat, and boom! Everyone in that chat room using your client simultaneously gets kicked out with a crash.* Instant DoS attack. In this case it wouldn’t matter if the illegal string were a specific 800 characters of gibberish; once someone found out the bug, that string would become pretty widely known. Exactly that. In one iOS project I have that is a front end GUI to a corporate database, simply entering null as a search query to the server ends up returning every record in the database. It's unexpected issues like this that can have really dangerous and unpredictable implications. Since I don't have control over the server, I have an array of query values to check for that could crater the server and filter the search input against this array to remove any of those values if present. Now, IF this were for a project that was, ohh, the entire sales figures for a large public company (it is), this is a massive security and legal issue in that the back end exposes the entire data set of clients (or whatever) simply by passing in null as a query string. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 2/21/13 5:05 AM, Gerriet M. Denkmann wrote: On 2/20/13 9:10 AM, Gerriet M. Denkmann wrote: P.S. I want my own archiver for 2 reasons: 1. NSKeyedArchiver can store only certain strings I find that very hard to believe. I find that very easy to proof: NSArray *a = @[ @$nill, @$null, @$nall ]; NSLog(@%s NSKeyedArchiver archiving %@, __FUNCTION__, a); NSData *e = [ NSKeyedArchiver archivedDataWithRootObject: a ]; NSArray *b = [ NSKeyedUnarchiver unarchiveObjectWithData: e ]; NSLog(@%s NSKeyedUnarchiver got %@, __FUNCTION__, b); /*NSKeyedArchiver archiving ( $nill, $null, $nall ) NSKeyedUnarchiver got () **/ OK, granted that's really bad, but it's hardly what can store only certain strings implies. It sounded as if there were arbitrary character sequences that could not be stored when in fact in can't store one special character sequence. Regards Markus -- __ Markus Spoettl ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On Feb 20, 2013, at 10:38 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: Looks like there is an exception, though nothing gets logged in the Xcode console: frame #0: 0x7fff88d483c5 libobjc.A.dylib`objc_exception_throw frame #1: 0x7fff8ade6e7c CoreFoundation`+[NSException raise:format:] + 204 frame #2: 0x7fff880662e7 Foundation`-[NSString encodeWithCoder:] + 263 frame #3: 0x7fff880592d0 Foundation`_encodeObject_old + 152 frame #4: 0x7fff880591b1 Foundation`-[NSArchiver encodeRootObject:] + 179 frame #5: 0x7fff88058e76 Foundation`+[NSArchiver archivedDataWithRootObject:] + 145 Of course nothing has been logged to the console yet; you're stopped at objc_exception_throw. The exception won't be logged until it gets to the default uncaught exception handler. --Kyle Sluder ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 21 Feb 2013, at 17:08, Kyle Sluder k...@ksluder.com wrote: On Feb 20, 2013, at 10:38 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: Looks like there is an exception, though nothing gets logged in the Xcode console: frame #0: 0x7fff88d483c5 libobjc.A.dylib`objc_exception_throw frame #1: 0x7fff8ade6e7c CoreFoundation`+[NSException raise:format:] + 204 frame #2: 0x7fff880662e7 Foundation`-[NSString encodeWithCoder:] + 263 frame #3: 0x7fff880592d0 Foundation`_encodeObject_old + 152 frame #4: 0x7fff880591b1 Foundation`-[NSArchiver encodeRootObject:] + 179 frame #5: 0x7fff88058e76 Foundation`+[NSArchiver archivedDataWithRootObject:] + 145 Of course nothing has been logged to the console yet; you're stopped at objc_exception_throw. The exception won't be logged until it gets to the default uncaught exception handler. I have to apologize for my poor explanation. What I should have said is: I had no breakpoints enabled, did run the code, did see nothing in Xcode. So (as I am used to seeing exception logged) I (falsely) said that no exception did occur. Then I set a breakpoint on All Exceptions, typed bt when a breakpoint was reached, and receive the lines cited above. And after I hit continue one or two times the app continued to run, but still nothing about exceptions appeared in the Xcode console. Kind regards, Gerriet. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 22 Feb 2013, at 03:00, Markus Spoettl ms_li...@shiftoption.com wrote: On 2/21/13 5:05 AM, Gerriet M. Denkmann wrote: On 2/20/13 9:10 AM, Gerriet M. Denkmann wrote: P.S. I want my own archiver for 2 reasons: 1. NSKeyedArchiver can store only certain strings I find that very hard to believe. I find that very easy to proof: OK, granted that's really bad, but it's hardly what can store only certain strings implies. It sounded as if there were arbitrary character sequences that could not be stored when in fact in can't store one special character sequence. Well, the opposite of: can store all strings is: can store only certain strings. My point is that the number of unstorable strings is greater than zero. Whether it is 1 or any other number is quite beside the point. If something does not work correctly, I insist of calling it broken. Even if it might work correctly in most cases. Some people obviously think otherwise (e.g. Apple engineers responsible for NSKeyedArchiver). Kind regards, Gerriet. P.S. I have to admit that the wording can store only certain strings verges on the over-dramatic. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On Feb 21, 2013, at 8:34 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: Well, the opposite of: can store all strings is: can store only certain strings. My point is that the number of unstorable strings is greater than zero. Whether it is 1 or any other number is quite beside the point. Yes. What makes this so bad is that it’s pretty likely that some strings stored in an archive are created outside the program’s control, i.e. by a user (or worse, possibly from data received over a network.) That means you have to explicitly guard against un-archivable strings, maybe by escaping them somehow, or run the risk of crashes or corruption. And we don’t even know for sure what the full set of un-archivable strings is. It also doesn’t matter how obscure/unlikely those illegal inputs are. Let’s say you wrote an IRC client that persists transcripts using an NSKeyedArchiver, with a data structure where every message is an NSString. Makes sense. So then all someone has to do is type the message “$null” into an IRC chat, and boom! Everyone in that chat room using your client simultaneously gets kicked out with a crash.* Instant DoS attack. In this case it wouldn’t matter if the illegal string were a specific 800 characters of gibberish; once someone found out the bug, that string would become pretty widely known. —Jens * I had something like this happen in one particular development build of iChat once, due to a bug in the Bonjour status-message code. There was some particular character you could put in your status message, that would instantly crash every copy of iChat running on your subnet. This was lots of fun for a few hours until I fixed the bug. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On Feb 22, 2013, at 12:15 AM, Jens Alfke j...@mooseyard.com wrote: * I had something like this happen in one particular development build of iChat once, due to a bug in the Bonjour status-message code. There was some particular character you could put in your status message, that would instantly crash every copy of iChat running on your subnet. This was lots of fun for a few hours until I fixed the bug. We've all had something like this happen once, and recently; just enter the word File, followed by a colon and three forward slashes... Charles ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On Feb 22, 2013, at 1:15 AM, Jens Alfke wrote: On Feb 21, 2013, at 8:34 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: Well, the opposite of: can store all strings is: can store only certain strings. My point is that the number of unstorable strings is greater than zero. Whether it is 1 or any other number is quite beside the point. Yes. What makes this so bad is that it’s pretty likely that some strings stored in an archive are created outside the program’s control, i.e. by a user (or worse, possibly from data received over a network.) That means you have to explicitly guard against un-archivable strings, maybe by escaping them somehow, or run the risk of crashes or corruption. And we don’t even know for sure what the full set of un-archivable strings is. It also doesn’t matter how obscure/unlikely those illegal inputs are. Let’s say you wrote an IRC client that persists transcripts using an NSKeyedArchiver, with a data structure where every message is an NSString. Makes sense. So then all someone has to do is type the message “$null” into an IRC chat, and boom! Everyone in that chat room using your client simultaneously gets kicked out with a crash.* Instant DoS attack. In this case it wouldn’t matter if the illegal string were a specific 800 characters of gibberish; once someone found out the bug, that string would become pretty widely known. Exactly that. In one iOS project I have that is a front end GUI to a corporate database, simply entering null as a search query to the server ends up returning every record in the database. It's unexpected issues like this that can have really dangerous and unpredictable implications. Since I don't have control over the server, I have an array of query values to check for that could crater the server and filter the search input against this array to remove any of those values if present. Now, IF this were for a project that was, ohh, the entire sales figures for a large public company (it is), this is a massive security and legal issue in that the back end exposes the entire data set of clients (or whatever) simply by passing in null as a query string. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
How to recognize mutability?
I am trying to build my own version of NSKeyed(Un)Archiver. But I do not know how to recognise mutability. 1. use isKindOfClass: [NSMutableString class] disadvantage: all strings turn out to be mutable 2. use respondsToSelector: @selector(appendString:) disadvantage: all strings turn out to be mutable 3. mutate the string (in a @try block) if exception, then immutable, else mutate the string back. disadvantage: very inelegant and probably quite slow 4. use some undocumented (which?) method disadvantage: might break with next OS release 5. anything else? Gerriet. P.S. I want my own archiver for 2 reasons: 1. NSKeyedArchiver can store only certain strings 2. It creates files, which are 10 times bigger than my version (and 5 times bigger than NSArchiver) ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 20 Feb, 2013, at 9:10, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: I am trying to build my own version of NSKeyed(Un)Archiver. But I do not know how to recognise mutability. Use classForKeyedArchiver (or one of the other variants) to detect as which class an object wants to be archived. This will return [NSMutableString class] for mutable strings and [NSString class] for immutable ones. Ronald 1. use isKindOfClass: [NSMutableString class] disadvantage: all strings turn out to be mutable 2. use respondsToSelector: @selector(appendString:) disadvantage: all strings turn out to be mutable 3. mutate the string (in a @try block) if exception, then immutable, else mutate the string back. disadvantage: very inelegant and probably quite slow 4. use some undocumented (which?) method disadvantage: might break with next OS release 5. anything else? Gerriet. P.S. I want my own archiver for 2 reasons: 1. NSKeyedArchiver can store only certain strings 2. It creates files, which are 10 times bigger than my version (and 5 times bigger than NSArchiver) ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/ronaldoussoren%40mac.com This email sent to ronaldousso...@mac.com ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 2/20/13 9:10 AM, Gerriet M. Denkmann wrote: P.S. I want my own archiver for 2 reasons: 1. NSKeyedArchiver can store only certain strings I find that very hard to believe. Markus -- __ Markus Spoettl ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 21 Feb 2013, at 00:42, Markus Spoettl ms_li...@shiftoption.com wrote: On 2/20/13 9:10 AM, Gerriet M. Denkmann wrote: P.S. I want my own archiver for 2 reasons: 1. NSKeyedArchiver can store only certain strings I find that very hard to believe. I find that very easy to proof: NSArray *a = @[ @$nill, @$null, @$nall ]; NSLog(@%s NSKeyedArchiver archiving %@, __FUNCTION__, a); NSData *e = [ NSKeyedArchiver archivedDataWithRootObject: a ]; NSArray *b = [ NSKeyedUnarchiver unarchiveObjectWithData: e ]; NSLog(@%s NSKeyedUnarchiver got %@, __FUNCTION__, b); /* NSKeyedArchiver archiving ( $nill, $null, $nall ) NSKeyedUnarchiver got () **/ Kind regards, Gerriet. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On Feb 20, 2013, at 12:10 AM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: But I do not know how to recognise mutability. 1. use isKindOfClass: [NSMutableString class] disadvantage: all strings turn out to be mutable This is somewhat of an FAQ. There is no way to do this (without groping inside private data structures.) In practice, all NSStrings are instances of a few CF-implemented string classes that support both mutable and immutable strings. These internal classes implement the API of both NSString and NSMutableString. I think you’ve posted about this stuff before? It really sounds like you’re on a wild goose chase down a rathole, with this archiving project. I suggest you back up a ways and look at the problem from a high level and find a different way to solve it. —Jens ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On Feb 20, 2013, at 8:05 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: I find that very easy to proof: Looks like you’re right — it’s the string @“$null” that’s to blame, for some reason. I would guess that somewhere in the archiver is some fscked-up unquoting code. I hope you’ve filed a bug report with Apple? I don’t have any really good suggestions, except not to use anything based on NSCoding. :-p There are plenty of non-opaque non-proprietary data formats you can use to serialize structured data; I recommend JSON. —Jens ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 21 Feb 2013, at 11:27, Jens Alfke j...@mooseyard.com wrote: On Feb 20, 2013, at 8:05 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: I find that very easy to proof: Looks like you’re right — it’s the string @“$null” that’s to blame, for some reason. I would guess that somewhere in the archiver is some fscked-up unquoting code. They are using $null to stand for nil. Which does not play nice with NSArrays (and other containers), which cannot contain nil. I hope you’ve filed a bug report with Apple? Have done long ago. Came back as duplicate (not surprising) with a very low number too. Meaning that this bug is known to Apple since ages, but they decided not to bother. Kind regards, Gerriet. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 21 Feb 2013, at 11:15, Jens Alfke j...@mooseyard.com wrote: On Feb 20, 2013, at 12:10 AM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: But I do not know how to recognise mutability. 1. use isKindOfClass: [NSMutableString class] disadvantage: all strings turn out to be mutable This is somewhat of an FAQ. There is no way to do this (without groping inside private data structures.) Well, turns out there is a way. As Ronald Oussoren kindly pointed out yesterday: BOOL isMutable = [ someString classForKeyedArchiver ] == [ NSMutableString class ]; does exactly what I needed. I think you’ve posted about this stuff before? Probably. But never got this really clever answer of classForKeyedArchiver. It really sounds like you’re on a wild goose chase down a rathole, with this archiving project. Well, it is not going too badly. My Archiver has keyed archiving and produces output comparable to NSArchiver (much smaller than NSKeyedArchiver) and can be used on iOS (unlike NSArchiver). It is not yet optimised (polite way to say: it is quite slow). I suggest you back up a ways and look at the problem from a high level and find a different way to solve it. I will have a look at JSON. Kind regards, Gerriet. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On Feb 20, 2013, at 8:39 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: They are using $null to stand for nil. Which does not play nice with NSArrays (and other containers), which cannot contain nil. Plus, the object @“$null” is not the same as a nil pointer, so this is bad whether or not a container can contain nil. This makes NSArchiver a bad idea for _any_ data structure that can contain user (or worse, remote) input, since things will presumably start to break if the user enters “$null” into the right fields. (This makes me want to start entering that into various text fields in apps to see what will happen…) :-p I’m serious. These types of unquoting bugs are absolutely rampant in PHP libraries, and are one source of the constant security exploits that show up in WordPress and other PHP apps. I didn’t think Apple would leave this type of bug open for long — there’s probably a way to use it to pwn some Mac or iOS software, if a creative enough hacker gets ahold of it. —Jens ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 21 Feb 2013, at 12:09, Jens Alfke j...@mooseyard.com wrote: On Feb 20, 2013, at 8:39 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: They are using $null to stand for nil. Which does not play nice with NSArrays (and other containers), which cannot contain nil. Plus, the object @“$null” is not the same as a nil pointer, so this is bad whether or not a container can contain nil. This makes NSArchiver no: NSArchiver is ok (though kind of frowned upon) NSKeyedArchiver is the silly one. a bad idea for _any_ data structure that can contain user (or worse, remote) input, since things will presumably start to break if the user enters “$null” into the right fields. (This makes me want to start entering that into various text fields in apps to see what will happen…) :-p Just make a nib (or xib) file with some label or button title of $null and see what happens. — there’s probably a way to use it to pwn some Mac or iOS software, if a creative enough hacker gets ahold of it. I am not so sure. I have only noticed that NSKeyedUnarchiver turns arrays with $null into empty arrays. (And dictionaries, which have their keys and values stored as two arrays turn out to have a mismatch between number of keys and values). But another bug looks rather promising: feed strings with illegal Unicode to NSArchiver and see what happens. Did this (by accident) the other day. NSArchiver did not return, there was no exception, the app did not crash. Not sure what was going on. Kind regards, Gerriet. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On Feb 20, 2013, at 9:31 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: But another bug looks rather promising: feed strings with illegal Unicode to NSArchiver and see what happens. It’s harder to get such a string into an app, though, since you can’t really type it. Did this (by accident) the other day. NSArchiver did not return, there was no exception, the app did not crash. Not sure what was going on. Sounds like something called abort() — that’ll make the process exit abruptly. You can try setting a breakpoint on it. Or on exit(). —Jens ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to recognize mutability?
On 21 Feb 2013, at 12:58, Jens Alfke j...@mooseyard.com wrote: On Feb 20, 2013, at 9:31 PM, Gerriet M. Denkmann gerr...@mdenkmann.de wrote: But another bug looks rather promising: feed strings with illegal Unicode to NSArchiver and see what happens. It’s harder to get such a string into an app, though, since you can’t really type it. Did this (by accident) the other day. NSArchiver did not return, there was no exception, the app did not crash. Not sure what was going on. Sounds like something called abort() — that’ll make the process exit abruptly. You can try setting a breakpoint on it. Or on exit(). Looks like there is an exception, though nothing gets logged in the Xcode console: frame #0: 0x7fff88d483c5 libobjc.A.dylib`objc_exception_throw frame #1: 0x7fff8ade6e7c CoreFoundation`+[NSException raise:format:] + 204 frame #2: 0x7fff880662e7 Foundation`-[NSString encodeWithCoder:] + 263 frame #3: 0x7fff880592d0 Foundation`_encodeObject_old + 152 frame #4: 0x7fff880591b1 Foundation`-[NSArchiver encodeRootObject:] + 179 frame #5: 0x7fff88058e76 Foundation`+[NSArchiver archivedDataWithRootObject:] + 145 Kind regards, Gerriet. ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com