iOS App Crashes When Vault Contains U+200E (Left-to-Right Mark) in Secure Notes or Card Fields #3

New Issue

AtHeartEngineer · 2025-07-08T08:37:09-04:00

AtHeartEngineer commented

2025-07-08 08:37:09 -04:00

Originally created by @cedwardsmedia on 7/7/2025

Vaultwarden Support String

Your environment (Generated via diagnostics page)

Vaultwarden version: v1.34.1-6b9333b3
Web-vault version: v2025.6.0
OS/Arch: linux/x86_64
Running within a container: true (Base: Alpine)
Database type: SQLite
Database version: 3.50.1
Uses config.json: true
Uses a reverse proxy: true
IP Header check: true (X-Real-IP)
Internet access: true
Internet access via a proxy: false
DNS Check: true
Browser/Server Time Check: true
Server/NTP Time Check: true
Domain Configuration Check: true
HTTPS Check: true
Websocket Check: false
HTTP Response Checks: true

Config & Details (Generated via diagnostics page)

Show Config & Details

Environment settings which are overridden: DOMAIN, SIGNUPS_ALLOWED, ADMIN_TOKEN, SMTP_HOST, SMTP_SECURITY, SMTP_PORT, SMTP_FROM, SMTP_USERNAME, SMTP_PASSWORD

Config:

{
  "_duo_akey": "***",
  "_enable_duo": true,
  "_enable_email_2fa": false,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://*************************",
  "domain_origin": "*****://*************************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": "api-71aa8e72.duosecurity.com",
  "duo_ikey": "DIHA1S1ECC5FYNGZ8E3Q",
  "duo_skey": "***",
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "push_enabled": true,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "*************************",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "**************",
  "smtp_password": "***",
  "smtp_port": 465,
  "smtp_security": "force_tls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "*************************",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Vaultwarden Build Version

1.34.1-3b48e6e9

Deployment method

Official Container Image

Custom deployment method

No response

Reverse Proxy

nginx proxy manager v2.12.3

Host/Server Operating System

Linux

Operating System Version

Alpine

Clients

iOS

Client Version

v2025.6.0

Steps To Reproduce

Steps to Reproduce:

Add a card or note with a value like ‎5290999873238381‎ (with U+200E on either side)
Save the item
Open the iOS Bitwarden app and log in
Attempt to access the vault
App shows generic error or fails to sync

Expected Result

The expected result is that the client would load the vault correctly and, if absolutely necessary, only report an error occurred if and when the affected vault item is accessed.

Actual Result

The actual result is that the client simply reports "An error occurred." with no detail. The only way I was able to get the error details was to downgrade to the previous server release.

Logs

BitwardenSdk.(unknown context at $105d78f7c).UniffiInternalError.rustPanic("byte index 2 is not a char boundary; it is inside \'\\u{200e}\' (bytes 0..3) of ‎5290999873238381‎")
byte index 2 is not a char boundary; it is inside '\u{200e}' (bytes 0..3) of ‎5290999873238381‎

Stack trace:
0   BitwardenShared                     0x0000000104ce1244 __swift_memcpy81_8 + 73732
1   BitwardenShared                     0x0000000104ac3ca9 objectdestroy.13Tm + 11569
2   BitwardenShared                     0x0000000104a7a699 objectdestroyTm + 1909
3   BitwardenShared                     0x00000001050cd3a9 objectdestroy.60Tm + 133837
4   BitwardenShared                     0x00000001050ca8bd objectdestroy.60Tm + 122849
5   BitwardenShared                     0x0000000104bbbee5 __swift_memcpy96_8 + 240357
6   BitwardenShared                     0x0000000104a7a699 objectdestroyTm + 1909
7   BitwardenShared                     0x0000000104fd96d5 objectdestroy.12Tm + 905
8   BitwardenShared                     0x00000001050e621d objectdestroy.60Tm + 235841
9   BitwardenShared                     0x0000000104a7a699 objectdestroyTm + 1909
10  SwiftUI                             0x000000018a9241fd 165D3305-401E-37C2-8387-C1BFB54CFFDE + 3105277
11  SwiftUI                             0x000000018a9241fd 165D3305-401E-37C2-8387-C1BFB54CFFDE + 3105277
12  SwiftUI                             0x000000018a93da09 165D3305-401E-37C2-8387-C1BFB54CFFDE + 3209737
13  SwiftUI                             0x000000018a925e05 165D3305-401E-37C2-8387-C1BFB54CFFDE + 3112453
14  libswift_Concurrency.dylib          0x00000001919e1241 DCB9E73A-92BA-3782-BC6D-3E1906622689 + 414273

Binary images:
Bitwarden:               0x0000000104774000
BitwardenShared:         0x0000000104a68000
BitwardenKit:            0x0000000106a40000

User ID: b2166d8c-b156-467e-ab3c-caef63bf531c
Version: 2025.6.0 (2235)
📱 iPhone16,1 🍏 iOS 18.5 📦 Production
🧱 commit: bitwarden/ios/release/2025.06-rc10@ff06d9c6cc8da89f78f37f376495800201d7261a
💻 build source: bitwarden/ios/actions/runs/15831780687/attempts/1

Screenshots or Videos

No response

Additional Context

Upon reviewing the attached log output, I was able to locate the afflicted vault item and remove it. Doing so immediately stopped the iOS app from throwing errors and everything returned to normal.

Worth noting: The web front-end and Firefox extensions do not appear to suffer from this issue. I was able to use the web front-end to remove the item causing the error.

*Originally created by @cedwardsmedia on 7/7/2025* ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.34.1-6b9333b3 * Web-vault version: v2025.6.0 * OS/Arch: linux/x86_64 * Running within a container: true (Base: Alpine) * Database type: SQLite * Database version: 3.50.1 * Uses config.json: true * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Websocket Check: false * HTTP Response Checks: true ### Config & Details (Generated via diagnostics page) <details><summary>Show Config & Details</summary> **Environment settings which are overridden:** DOMAIN, SIGNUPS_ALLOWED, ADMIN_TOKEN, SMTP_HOST, SMTP_SECURITY, SMTP_PORT, SMTP_FROM, SMTP_USERNAME, SMTP_PASSWORD **Config:** ```json { "_duo_akey": "***", "_enable_duo": true, "_enable_email_2fa": false, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://*************************", "domain_origin": "*****://*************************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": "api-71aa8e72.duosecurity.com", "duo_ikey": "DIHA1S1ECC5FYNGZ8E3Q", "duo_skey": "***", "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 600000, "push_enabled": true, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": true, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "*************************", "smtp_from_name": "Vaultwarden", "smtp_host": "**************", "smtp_password": "***", "smtp_port": 465, "smtp_security": "force_tls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "*************************", "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Vaultwarden Build Version 1.34.1-3b48e6e9 ### Deployment method Official Container Image ### Custom deployment method _No response_ ### Reverse Proxy nginx proxy manager v2.12.3 ### Host/Server Operating System Linux ### Operating System Version Alpine ### Clients iOS ### Client Version v2025.6.0 ### Steps To Reproduce Steps to Reproduce: 1. Add a card or note with a value like ‎5290999873238381‎ (with U+200E on either side) 2. Save the item 3. Open the iOS Bitwarden app and log in 4. Attempt to access the vault 5. App shows generic error or fails to sync ### Expected Result The expected result is that the client would load the vault correctly and, if absolutely necessary, only report an error occurred if and when the affected vault item is accessed. ### Actual Result The actual result is that the client simply reports "An error occurred." with no detail. The only way I was able to get the error details was to downgrade to the previous server release. ### Logs ```text BitwardenSdk.(unknown context at $105d78f7c).UniffiInternalError.rustPanic("byte index 2 is not a char boundary; it is inside \'\\u{200e}\' (bytes 0..3) of ‎5290999873238381‎") byte index 2 is not a char boundary; it is inside '\u{200e}' (bytes 0..3) of ‎5290999873238381‎ Stack trace: 0 BitwardenShared 0x0000000104ce1244 __swift_memcpy81_8 + 73732 1 BitwardenShared 0x0000000104ac3ca9 objectdestroy.13Tm + 11569 2 BitwardenShared 0x0000000104a7a699 objectdestroyTm + 1909 3 BitwardenShared 0x00000001050cd3a9 objectdestroy.60Tm + 133837 4 BitwardenShared 0x00000001050ca8bd objectdestroy.60Tm + 122849 5 BitwardenShared 0x0000000104bbbee5 __swift_memcpy96_8 + 240357 6 BitwardenShared 0x0000000104a7a699 objectdestroyTm + 1909 7 BitwardenShared 0x0000000104fd96d5 objectdestroy.12Tm + 905 8 BitwardenShared 0x00000001050e621d objectdestroy.60Tm + 235841 9 BitwardenShared 0x0000000104a7a699 objectdestroyTm + 1909 10 SwiftUI 0x000000018a9241fd 165D3305-401E-37C2-8387-C1BFB54CFFDE + 3105277 11 SwiftUI 0x000000018a9241fd 165D3305-401E-37C2-8387-C1BFB54CFFDE + 3105277 12 SwiftUI 0x000000018a93da09 165D3305-401E-37C2-8387-C1BFB54CFFDE + 3209737 13 SwiftUI 0x000000018a925e05 165D3305-401E-37C2-8387-C1BFB54CFFDE + 3112453 14 libswift_Concurrency.dylib 0x00000001919e1241 DCB9E73A-92BA-3782-BC6D-3E1906622689 + 414273 Binary images: Bitwarden: 0x0000000104774000 BitwardenShared: 0x0000000104a68000 BitwardenKit: 0x0000000106a40000 User ID: b2166d8c-b156-467e-ab3c-caef63bf531c Version: 2025.6.0 (2235) 📱 iPhone16,1 🍏 iOS 18.5 📦 Production 🧱 commit: bitwarden/ios/release/2025.06-rc10@ff06d9c6cc8da89f78f37f376495800201d7261a 💻 build source: bitwarden/ios/actions/runs/15831780687/attempts/1 ``` ### Screenshots or Videos _No response_ ### Additional Context Upon reviewing the attached log output, I was able to locate the afflicted vault item and remove it. Doing so immediately stopped the iOS app from throwing errors and everything returned to normal. Worth noting: The web front-end and Firefox extensions do not appear to suffer from this issue. I was able to use the web front-end to remove the item causing the error.

AtHeartEngineer closed this issue

2025-07-08 08:37:10 -04:00

AtHeartEngineer added the bug bug bug labels 2025-07-08 08:37:11 -04:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/vaultwarden#3