CoreText
Latest
Bug in CoreText allows a string of characters to crash apps
A serious bug has been uncovered in Apple's CoreText layout engine, which is responsible for laying out text in applications that make use of the Cocoa framework on OS X and iOS systems. The bug causes any app relying on CoreText to crash when a specific string of Arabic characters is displayed, meaning just the simple act of viewing a tweet or receiving an instant message is enough to trigger the crash. With apps like messaging or email clients, the problem is more severe, as the app may continue to crash repeatedly if it attempts to display previous message history or previews of email content. The good news is it appears that Apple has already addressed this bug in the upcoming versions of OS X 10.9 Mavericks and iOS 7, but as of yet, no updates have been released to correct the issue on the current versions of the operating systems that are affected (OS X 10.8 and iOS 6). This isn't the first time that innocent strings have been found to cause crashes in apps. Back in February, an odd bug was discovered which caused apps to crash whenever a reference to a local file URL (e.g., file:///) contained a capital "F." While there isn't a foolproof way to prevent exploits like this from being used, some sites have taken preventative measures. Facebook is currently blocking messages which are found to contain the string, and I'm sure as word of the issue gets around, Twitter and other sites may take similar actions. The best advice I can give for users, however, is to be cautious about viewing links and reading messages from people that you don't know or that seem otherwise suspicious. Obviously, the nature of this bug makes it difficult to completely avoid, as receiving a message or opening a page where a spammer has left the string in a comment could easily trigger a crash, and there's little that could be done to prevent it. Here's hoping that Apple picks up on this and corrects the issue before anyone finds any creative methods for taking advantage of the problem. [via TechCrunch]
TextMate 2.0 will likely be Leopard-only
In what would seem, on the surface, to be an odd move for a text editor, Macromates has stated that TextMate 2.0 will almost certainly be Leopard-only. Allan Odgaard gives some good reasons as to why, though. And it's not just because the Halloween icon will look better with Leopard's resolution independence!Rather than paraphrase him, I'll paste what he's already said quite well:First of all, 2.0 is a free upgrade, so I won't miss out on any upgrade fees from people that want to stay on Panther or Tiger. Secondly, roughly 90% of my users are early adopters and have in all likelihood upgraded to Leopard within a few months of its release, so by keeping compatibility with older operating systems I am catering to less than 10% of my users. Thirdly, it has a significant cost to stay backwards compatible, this price is paid in the form of: Time spent debugging (and sometimes making workarounds for) issues only present on the older OS version. Time spent implementing stuff that Apple offers for free on the new version of the OS. Not being able to make use of features only present on latest version of the OS when it's too impractical to conditionally make use of them. Code complexity, because it needs to do different things on different versions of the OS. Is eliminating those costs worth a 10% drop in sales? You bet they are! The reason why I have kept Panther compatibility for this long has nothing to do with additional sales and all to do with me just not liking to cut people off. I think Allan defends his decision quite well. Much better than Adobe does, in regard to Soundbooth's lack of PowerPC support. There's more to Allan's statement, but you should hop over to his blog to read the rest of it and let him know your thoughts on the issue. To balance any potential backlash, Macromates will surely win a few hearts and minds by the free TextMate 2.0 upgrade. Any other TextMate users out there have an opinion on this?
