Crash Apps by simply typing File:///

[Platskies]

I could see this being used in trolling methods. Hope Apple fixes it soon 😛

I think considering how viral this has gotten, Apple should hopefully fix it in 10.8.3. 😉

 

[Partron22]

Bug is in Data Detectors, which is why it's hitting so many Apps.

More detail:
Typing these eight characters will crash almost any application on your Mac

Looks like it triggers on anything starting with file:// (+/) case-insensitive, but then something later in the data extraction makes the incorrect assumption that the string should start with file:// (+/) lowercase, and throws an assert. It’s really quite bad that a bug inside the data detectors can bring down a whole app.

In vaguely related news:

Apple has won an import ban from the US International Trade Commission blocking HTC Android phones that infringe upon its Data Detectors patent, a move that will require Android to drop the feature or implement it in a way that does not infringe.

 

[ElectricSheep]

This is likely the result of some leftover debug code in the production build of DataDetectorsCore. Strictly speaking, an assertion check fails and forces the application to terminate, not crash—this is not a possible vector for exploitation (arbitrary code execution or privilege escalation) like some other potential C-string related bugs.

It is a rather glaring oversight, and its surprising that it has gone undetected for so long.

If you are feeling adventurous, you can modify the DataDetectorsCore code to bypass the assert() and stop the application terminations.

 

[dyn]

Bug is in Data Detectors, which is why it's hitting so many Apps.

Most apps don't use data detectors, only a few do so the data detectors thing is highly unlikely. Since the crashing stops when you disable things like autocorrect and spellchecking it is far more likely to be in that system. You can try it with TextEdit: enabling or disabling doesn't matter: it keeps crashing. Disable the spellcheck feature and it stops crashing. It also explains why various other apps do not crash such as LibreOffice and Firefox. They use their own spellchecking system, not the one in OS X.

 

[File:///master/]

I tried typing File:/// in an IRC channel likely to have some Mac users, and I didn't see any disconnection messages.

 

[eagandale4114]

Fixed in 10.8.3

 

[Simplicated]

I tried typing File:/// in an IRC channel likely to have some Mac users, and I didn't see any disconnection messages.

It sounds like you registered for an account here just to try to crash people's computers.

 

[mindlessmissy]

Fixed in 10.8.3

Yep ...

Fixed in the latest release 12D65 ... 😀