Mojira Archive
MCPE-10824

Crashing or Performance Drop displaying certain unicode characters

Typing or sending a message containing any unicode character with a charcode of 0x08XX or any character with a charcode between 0xD800 to 0xF899 will cause the game to crash. The reason for this is because there are no char maps containing the specified chars, and the game doesn't do error checking to make sure the char symbol exists. An example of said char is \u0800: ࠀ

Typing a message containing one of each character from every char map causes the game to slowdown or freeze downright. Doing this forces the game to load and bind all char map textures at the same time, then have to bind each char map texture at least once every frame until the text disappears from the screen. An example of said message can be found here: http://pastebin.com/aTsZ9Le4

Spamming this message on a server (from a PC or other device) causes all mobile clients to slow down or completely freeze up; however, this does not seem to affect MC10 clients quite as harshly, likely due to better hardware.

Attached are two graphs made using Adreno Profiler showing the FPS of MCPE running on my phone while receiving the message (sort attachments by date for the correct order). The first graph shows how the client momentarily freezes then suffers from worse performance after receiving the message. The second graph shows the result of spamming the message repeatedly on a server causing a massive performance dip reaching performance as low as 5 FPS.

The third attachment shows the draw calls and texture bindings per frame. This unicode "text bomb" adds as much as 5300 additional draw calls, and forces the game to bind textures 5250 times, resulting in lag. The fourth attachment shows the game without the text bomb on screen as reference.

The only way to protect against this kind of attack is to either:

  • do not render text that falls off screen; implement some way to keep track of whether or not the current line being drawn is actually on the screen
  • limit the amount of char maps a string of text can use

Cannot Reproduce

Matt S

2015-09-21, 12:57 AM

2018-01-03, 04:47 PM

2018-01-03, 04:46 PM

0

3

Confirmed

0.12.1 - 0.14.30.12.1, 0.13.0, 0.13.1, 0.14.0 Beta 4, 0.14.3

-