LIghtroom SDK: LrStringUtils.compareStrings() crashes Lightroom

  • 1
  • Problem
  • Updated 2 months ago
LrStringUtils.compareStrings() can crash LR when passed strings that aren't well-formed UTF-8. This is very bad -- no SDK function should be able to crash LR, and there isn't any practical, efficient way for a plugin to determine if strings contain well-formed UTF-8.

This arose manipulating strings returned by by Google Cloud Vision's OCR to my Any Vision plugin.

The following script demonstrates this:
local LrStringUtils = import "LrStringUtils"
return LrStringUtils.compareStrings (
"\227\131\161\227\131\179\10\113\44\10\122\10\227\131\149\10\115\101\10\80\10\48" ..
    "\227\128\129\10\32\91\49\93",
"\49\48\33\32\97\110\10\88\58\88\115\88\46\88\32\88\45\45\88\58\51\103\32\88\47\32" ..
    "\194\183\230\46\46\46\32\91\49\93")
Here's a crash report:
Process:               Adobe Lightroom Classic [20946]
Path:                  /Applications/Adobe Lightroom Classic CC/Adobe Lightroom Classic CC.app/Contents/MacOS/Adobe Lightroom Classic
Identifier:            com.adobe.LightroomClassicCC7
Version:               Adobe Lightroom Classic [1193777] (8.0)
Code Type:             X86-64 (Native)
Parent Process:        ??? [1]
Responsible:           Adobe Lightroom Classic [20946]
User ID:               501
Date/Time:             2018-11-30 22:48:15.077 -0500
OS Version:            Mac OS X 10.13.6 (17G65)
Report Version:        12
Anonymous UUID:        71FB9FF6-77E3-1417-8903-176650F9B7BB
Sleep/Wake UUID:       828BFFF0-9A63-4654-995C-3923A602F360
Time Awake Since Boot: 120000 seconds
Time Since Wake:       110000 seconds
System Integrity Protection: enabled
Crashed Thread:        0  Dispatch queue: com.apple.main-thread
Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000000
Exception Note:        EXC_CORPSE_NOTIFY
Termination Signal:    Segmentation fault: 11
Termination Reason:    Namespace SIGNAL, Code 0xb
Terminating Process:   exc handler [0]
VM Regions Near 0:
--> 
    __TEXT                 000000010274d000-0000000102946000 [ 2020K] r-x/rwx SM=COW  F [/Applications/Adobe Lightroom Classic CC/Adobe Lightroom Classic CC.app/Contents/MacOS/Adobe Lightroom Classic]
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.CoreFoundation      0x00007fff52b5af5a CFStringGetLength + 10
1   com.apple.CoreFoundation      0x00007fff52b69d84 CFStringCompareWithOptionsAndLocale + 68
2   com.adobe.ag.substrate        0x0000000102decb5a AgStringUtils_compareUnicodeStrings_L + 84
3   com.adobe.ag.kernel            0x0000000102c91fba 0x102c88000 + 40890
4   com.adobe.ag.kernel            0x0000000102ca0324 0x102c88000 + 99108
5   com.adobe.ag.kernel            0x0000000102c92422 0x102c88000 + 42018
6   com.adobe.ag.kernel            0x0000000102c91b01 0x102c88000 + 39681
7   com.adobe.ag.kernel            0x0000000102c9267e 0x102c88000 + 42622
8   com.adobe.ag.kernel            0x0000000102c8a237 lua_pcall + 102
9   com.adobe.ag.kernel            0x0000000102c8c055 0x102c88000 + 16469
10  com.adobe.ag.kernel            0x0000000102c91fba 0x102c88000 + 40890
11  com.adobe.ag.kernel            0x0000000102ca12a8 0x102c88000 + 103080
12  com.adobe.ag.kernel            0x0000000102c91b01 0x102c88000 + 39681
13  com.adobe.ag.kernel            0x0000000102c924c2 lua_resume + 113
14  com.adobe.ag.kernel            0x0000000102c8cc5b 0x102c88000 + 19547
15  com.adobe.ag.kernel            0x0000000102c8cadb 0x102c88000 + 19163
16  com.adobe.ag.kernel            0x0000000102c91fba 0x102c88000 + 40890
17  com.adobe.ag.kernel            0x0000000102ca12a8 0x102c88000 + 103080
18  com.adobe.ag.kernel            0x0000000102c92422 0x102c88000 + 42018
19  com.adobe.ag.kernel            0x0000000102c91b01 0x102c88000 + 39681
20  com.adobe.ag.kernel            0x0000000102c9267e 0x102c88000 + 42622
21  com.adobe.ag.kernel            0x0000000102c8a237 lua_pcall + 102
22  com.adobe.ag.kernel            0x0000000102c8c055 0x102c88000 + 16469
23  com.adobe.ag.kernel            0x0000000102c91fba 0x102c88000 + 40890
24  com.adobe.ag.kernel            0x0000000102ca12a8 0x102c88000 + 103080
25  com.adobe.ag.kernel            0x0000000102c91b01 0x102c88000 + 39681
26  com.adobe.ag.kernel            0x0000000102c924c2 lua_resume + 113
27  com.adobe.ag.kernel            0x0000000102c8cc5b 0x102c88000 + 19547
28  com.adobe.ag.kernel            0x0000000102c8cadb 0x102c88000 + 19163
29  com.adobe.ag.kernel            0x0000000102c91fba 0x102c88000 + 40890
30  com.adobe.ag.kernel            0x0000000102ca12a8 0x102c88000 + 103080
31  com.adobe.ag.kernel            0x0000000102c92422 0x102c88000 + 42018
32  com.adobe.ag.kernel            0x0000000102c91b01 0x102c88000 + 39681
33  com.adobe.ag.kernel            0x0000000102c9267e 0x102c88000 + 42622
34  com.adobe.ag.kernel            0x0000000102c8a237 lua_pcall + 102
35  com.adobe.ag.kernel            0x0000000102c8c055 0x102c88000 + 16469
36  com.adobe.ag.kernel            0x0000000102c91fba 0x102c88000 + 40890
37  com.adobe.ag.kernel            0x0000000102ca12a8 0x102c88000 + 103080
38  com.adobe.ag.kernel            0x0000000102c92422 0x102c88000 + 42018
39  com.adobe.ag.kernel            0x0000000102c91b01 0x102c88000 + 39681
40  com.adobe.ag.kernel            0x0000000102c9267e 0x102c88000 + 42622
41  com.adobe.ag.kernel            0x0000000102c8a237 lua_pcall + 102
42  com.adobe.ag.kernel            0x0000000102c8c055 0x102c88000 + 16469
43  com.adobe.ag.kernel            0x0000000102c91fba 0x102c88000 + 40890
44  com.adobe.ag.kernel            0x0000000102ca12a8 0x102c88000 + 103080
45  com.adobe.ag.kernel            0x0000000102c92422 0x102c88000 + 42018
46  com.adobe.ag.kernel            0x0000000102c91b01 0x102c88000 + 39681
47  com.adobe.ag.kernel            0x0000000102c9267e 0x102c88000 + 42622
48  com.adobe.ag.kernel            0x0000000102c8a237 lua_pcall + 102
49  com.adobe.ag.kernel            0x0000000102c8c055 0x102c88000 + 16469
50  com.adobe.ag.kernel            0x0000000102c91fba 0x102c88000 + 40890
51  com.adobe.ag.kernel            0x0000000102ca12a8 0x102c88000 + 103080
52  com.adobe.ag.kernel            0x0000000102c92422 0x102c88000 + 42018
53  com.adobe.ag.kernel            0x0000000102c8a1b4 lua_call + 39
54  com.adobe.ag.ui                0x0000000102ce1518 AgCommand_performCommandID + 85
55  com.apple.AppKit              0x00007fff50903a43 -[NSApplication(NSResponder) sendAction:to:from:] + 312
56  com.apple.AppKit              0x00007fff50398213 -[NSMenuItem _corePerformAction] + 323
57  com.apple.AppKit              0x00007fff50397f9b -[NSCarbonMenuImpl performActionWithHighlightingForItemAtIndex:] + 114
58  com.apple.AppKit              0x00007fff50396dff -[NSMenu performKeyEquivalent:] + 363
59  com.apple.AppKit              0x00007fff509026a9 routeKeyEquivalent + 884
60  com.apple.AppKit              0x00007fff508ffce0 -[NSApplication(NSEvent) sendEvent:] + 1096
61  com.adobe.ag.ui                0x0000000102d4bba5 0x102cd6000 + 482213
62  com.apple.AppKit              0x00007fff501608b5 -[NSApplication run] + 812
63  com.apple.AppKit              0x00007fff5012fa72 NSApplicationMain + 804
64  com.adobe.LightroomClassicCC7 0x00000001027b65fe main + 1566
65  libdyld.dylib                  0x00007fff7aa17015 start + 1
Photo of John R. Ellis

John R. Ellis, Champion

  • 4015 Posts
  • 1060 Reply Likes

Posted 2 months ago

  • 1

Be the first to post a reply!