Parsing specific strings makes the library crash

[andreasmpet]

Trying to parse the following string as a phone number will cause the library to fail: https://c/c/xl/-9

The reason being these lines in NBPhoneNumberUtil.m

       int secondNumberStart = [self stringPositionByRegex:number regex:SECOND_NUMBER_START_PATTERN];
        if (secondNumberStart > 0)
        {
            possibleNumber = [possibleNumber substringWithRange:NSMakeRange(0, secondNumberStart - 1)];
        }

There is no guarantee here that secondNumberStart - 1 < possibleNumber.length and it causes out of bounds access of the string.

[dmaclach]

I'm not actually seeing a failure here.

When I call extractPossibleNumber: with @"https://c/c/xl/-9" as an argument, it returns "9".

On Thu, Oct 12, 2017 at 4:22 AM, Nailer [email protected] wrote:

Trying to parse the following string as a phone number will cause the library to fail: https://c/c/xl/-9

The reason being these lines in NBPhoneNumberUtil.m

   int secondNumberStart = [self stringPositionByRegex:number regex:SECOND_NUMBER_START_PATTERN];
    if (secondNumberStart > 0)
    {
        possibleNumber = [possibleNumber substringWithRange:NSMakeRange(0, secondNumberStart - 1)];
    }

There is no guarantee here that secondNumberStart - 1 < possibleNumber.length and it causes out of bounds access of the string.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/iziz/libPhoneNumber-iOS/issues/210, or mute the thread https://github.com/notifications/unsubscribe-auth/AATiycgoItkM8bFQOFHIbC5lz-HZdjH4ks5srfZlgaJpZM4P22qW .

[andreasmpet]

I tried to trim down the faulty segments of the URL that didn't work. I thought I made it crash with that specific URL. here's the original URL:

https://www.nrk.no/ostfold/xl/kan-ha-vaert-verdens-beste-reklamestunt-1.13712225