JavaScript strings with NULL character are not handled properly

[gaodeng]

🐛 Bug Report

JavaScript strings with NULL character are not handled properly

To Reproduce

<Text style={styles.welcome}>{'Hello \u0000 World'}</Text>

The text is cuted to Hello It does not happen when Debug JS Remotely.

Expected Behavior

Hello World

Code Example

https://github.com/gaodeng/RN-NULL-character-ISSUE

Environment

info 
  React Native Environment Info:
    System:
      OS: macOS 10.14.3
      CPU: (4) x64 Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
      Memory: 282.02 MB / 8.00 GB
      Shell: 3.2.57 - /bin/bash
    Binaries:
      Node: 10.15.1 - /usr/local/bin/node
      Yarn: 1.5.1 - /usr/local/bin/yarn
      npm: 6.8.0 - /usr/local/bin/npm
      Watchman: 4.7.0 - /usr/local/bin/watchman
    SDKs:
      iOS SDK:
        Platforms: iOS 12.1, macOS 10.14, tvOS 12.1, watchOS 5.1
      Android SDK:
        API Levels: 22, 23, 24, 25, 26, 27, 28
        Build Tools: 23.0.1, 25.0.0, 25.0.1, 25.0.2, 25.0.3, 26.0.0, 26.0.1, 26.0.2, 26.0.3, 27.0.2, 27.0.3, 28.0.0, 28.0.3
        System Images: android-18 | Google APIs Intel x86 Atom, android-22 | Google APIs Intel x86 Atom, android-23 | Google APIs Intel x86 Atom_64, android-24 | Intel x86 Atom_64, android-25 | Google APIs ARM EABI v7a, android-25 | Google APIs Intel x86 Atom_64, android-27 | Google APIs Intel x86 Atom, android-P | Google APIs Intel x86 Atom, android-P | Google Play Intel x86 Atom_64
    IDEs:
      Android Studio: 3.3 AI-182.5107.16.33.5314842
      Xcode: 10.1/10B61 - /usr/bin/xcodebuild
    npmPackages:
      react: 16.8.3 => 16.8.3 
      react-native: 0.59.1 => 0.59.1 
    npmGlobalPackages:
      create-react-native-app: 1.0.0
      react-native-cli: 2.0.1
      react-native-create-library: 3.1.2
      react-native-git-upgrade: 0.2.7
      react-native-rename: 2.1.5

[gaodeng]

@kelset It's not just Text component have this issue.Any string with NULL character is cuted when It is passed to native module

[kelset]

Uhm does this happen with both platforms? 🤔

[gaodeng]

Uhm does this happen with both platforms? 🤔 @kelset

RN 0.58 ,RN 0.59 have this issue on both platforms. RN 0.57 only android platform has this issue.

[JKCooper2]

Confirmed repro on Android (Expo 32 => RN 0.57): https://snack.expo.io/@jkcooper/rn24129---null-string-cuts-text

[Michal16511]

Hi any update related to this issue? I have the same issue in my app. I use stomp protocol to communicate with other devices and stomp require null character in the end of message, but I can't send this and whole communication breaks.

[kelset]

no updates on my side, sorry 😓

can anyone test a repro with the latest 0.60 RC?

[stale[bot]]

Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may also label this issue as a "Discussion" or add it to the "Backlog" and I will leave it open. Thank you for your contributions.

[kelset]

I just tested this on an iOS Simulator running iOS 13, and React Native version 0.60.5 and this is still happening.

[stale[bot]]

Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may also label this issue as a "Discussion" or add it to the "Backlog" and I will leave it open. Thank you for your contributions.

[FibreFoX]

Some update on this? I can't see any linked commit ... so probably unchanged, hm? Maybe someone could remove the stale-label again?

[halaei]

It seems this bug was reported almost 3 years ago #12731. To me it looks like an issue that needs to be immediately addressed? I don't get why it is not a priority.

[stale[bot]]

Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may also label this issue as a "Discussion" or add it to the "Backlog" and I will leave it open. Thank you for your contributions.

[stale[bot]]

Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may also label this issue as a "Discussion" or add it to the "Backlog" and I will leave it open. Thank you for your contributions.

[FibreFoX]

Can some moderator please mark this as "do not close", so that ugly stale-bot does not just cover a not-fixed bug?!?

AFAIK this bug is still present and such NULL-bugs are wild to find.

[stale[bot]]

Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may also label this issue as a "Discussion" or add it to the "Backlog" and I will leave it open. Thank you for your contributions.

[FibreFoX]

Hey, can some admin/moderator please talk with the stale-bot? This get's kinda annoying to hold this issue up, which got kinda ignored several years ago too: https://github.com/facebook/react-native/issues/12731

[FibreFoX]

This issue still does not have any progress ... why?

[kelset]

Well in the whole year of 2020 literally only 2 people aside from the bot interacted with this issue - so I think it's understandable why it's low priority. Also, if you are in dire need of a fix I would recommend working on a PR yourself, it's an open source project after all.

[FibreFoX]

Hm, especially problems with NULL-terminated strings someday become exploit-surface.

But please remove the stale-bot from trying to close this issue, even if it has low-priority for you, it is a bug and should not just disappear, because a bot closed it @kelset

[gaodeng]

I guess this problem will probably never be fixed, and the best solution for now is to try to migrate to flutter or another actively maintained platform as soon as possible

[pke]

I think this might be a problem of the underlying JS engines (Hermes and jscore) rather than an RN one? Desktop/Browser JS engines have no problem with embedded null characters as it should be because in JS strings length is not determined by a null char but the size is actively set as a member variable in the string object.

[FibreFoX]

It even is the bridge to the engine, or the engine itself. Inproper NULL-termination often becomes some kind of attack-vector for injection attacks or buffer-overflows, therefor I can't understand why this issue doesn't gets a higher priority, especially because this issue was already opened several years ago.

[chakrihacker]

Just tested on hermes, It parses the string with null characters properly without any problem

[github-actions[bot]]

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment or this will be closed in 7 days.

[FibreFoX]

As there is some PR to this, probably the issue is NOT stale .... sad that there is no focus on security-related bugs.

[javache]

Thanks for the ping. I don't believe this has a security impact at the moment, as it will just cause a partial copy of the underlying buffer rather than a complete one. Please do let me know if I'm wrong.

I've reviewed #34300 but I don't believe it's ready to be merged as-is.

[github-actions[bot]]

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment or this will be closed in 7 days.

[github-actions[bot]]

This issue was closed because it has been stalled for 7 days with no activity.

[FibreFoX]

Can someone please tame the close bot please?

[cortinico]

Reopening as this is a valid issue