By now, a lot of Mac users are probably familiar with Messages, Apple’s new Instant Messaging app. One of the features which this app stealthily removed was formatting: that is, all incoming messages are automatically stripped of bold, italic, and various other font tags. But, being the poorly coded program that it is, Messages sometimes fails to reformat an incoming message. I decided to investigate this further.
I first noticed that Messages didn’t always reformat incoming messages when my friend sent me a quote which was copied from a website. For some reason, the text remained bold when I saw it on my machine. I decided to throw up the LibOrange Xcode project that I already had lying around on my computer in order to log the HTML of the message which somehow eluded Apple’s reformatting.
At first glance, the body of the message seemed ordinary: there were no tags which stood out; in fact, the HTML itself had nothing to do with why Messages was failing to reformat. However, the message did contain a very unique attribute which allowed it to slip past the reformatting process.
As a quote, the message was not only formatted, but also surrounded by ” characters. And, as many fellow copy-and-pasters know, most websites use special characters for open/close quotes; these characters are not the standard ASCII quote character, but rather a UTF-16 character. When I realized that these fancy quotes surrounded the message, I came to a conclusion: Unicode characters break Messages’ reformatter.
I tested this theory with LibOrange. I set up a simple AOL screenname which automatically echoed messages I typed, replacing &lt; and &gt; with < and >. I found that, if an HTML format tag came after a Unicode character in the message, Messages did not remove it.
So, what conclusion can I draw from this? One which I already drew a while ago: Messages was poorly implemented. On top of that, what I’ve found shows that Apple’s code which processes incoming messages is not perfect. With this in mind, it might be possible for someone to derive an exploit which could be triggered simply by sending someone a message. This doesn’t seem likely to be possible, but who knows; if Apple fails at one thing, what else may they have failed at?
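The behaviour described above (format tags surviving when they follow a non-ASCII character) is the kind of regression a sanitizer test corpus should catch. The following is an added example, not code from this post, LibOrange, or Apple: `strip_formatting`, `stops_at_non_ascii`, `CASES` and `failing_cases` are hypothetical names, and the stand-in only mimics the observed symptom without claiming to be its cause.

```python
from html.parser import HTMLParser


class _TextOnly(HTMLParser):
    """Collects text nodes and discards every tag."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts = []

    def handle_data(self, data):
        self.parts.append(data)


def strip_formatting(html: str) -> str:
    """Remove all markup, parsing the whole string as Unicode text."""
    parser = _TextOnly()
    parser.feed(html)
    parser.close()  # flush any text still buffered by the parser
    return "".join(parser.parts)


def stops_at_non_ascii(html: str) -> str:
    """Stand-in that mimics the symptom in the post: it sanitises only up
    to the first non-ASCII character and passes the rest through as-is."""
    for i, ch in enumerate(html):
        if ord(ch) > 127:
            return strip_formatting(html[:i]) + html[i:]
    return strip_formatting(html)


# Constructed inputs: (raw message, expected plain text). Each non-ASCII
# case places a format tag after the non-ASCII character.
CASES = [
    ("<b>plain</b>", "plain"),
    ("\u201c<b>quoted</b>\u201d", "\u201cquoted\u201d"),          # curly quotes
    ("caf\u00e9 <i>au lait</i>", "caf\u00e9 au lait"),            # Latin-1 range
    ('\U0001F600 <font color="red">hi</font>', "\U0001F600 hi"),  # astral plane
    ("<b>before</b> \u2026 <u>after</u>", "before \u2026 after"), # tags both sides
]


def failing_cases(sanitizer):
    """Return the raw inputs for which the sanitizer leaves markup behind."""
    return [raw for raw, expected in CASES if sanitizer(raw) != expected]


if __name__ == "__main__":
    print("correct stripper failures:", failing_cases(strip_formatting))
    print("stand-in failures:", failing_cases(stops_at_non_ascii))
```

The output of `strip_formatting` is plain text with character references decoded, so it must be escaped again before it is placed into any HTML view.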