Document management: Difference between revisions

From Hackspire
Jump to navigation Jump to search
Line 10: Line 10:
*An error message is displayed when a document with containing a '''not well-formed''' XML file is open.
*An error message is displayed when a document with containing a '''not well-formed''' XML file is open.
*'''Adding''', removing or renaming files (XML or not) in the TNS displays the error.
*'''Adding''', removing or renaming files (XML or not) in the TNS displays the error.
*Specifying an '''invalid ''type'' attribute''' (for example "TI.Notepaddd" instead of "TI.Notepad")  in a ''wdgt'' tag of a problem displays an empty frame instead.
*Specifying an '''invalid ''type'' attribute''' (for example "TI.Notepaddd" instead of "TI.Notepad")  in a ''<wdgt>'' tag of a problem displays an empty frame instead.
*Text added '''between the tags''' of the problems ("mixt-content") is ignored.
*Text added '''between the tags''' of the problems ("mixt-content") is ignored.
*Changing the '''version attribute''' of a problem displays the error.
*Changing the '''version attribute''' of a problem displays the error.
Line 16: Line 16:
* An ''XML external entity'' defined inline to try to read system files is ignored (not displayed), whether an relative or absolute path is used (but perhaps more possible file paths should be tested).
* An ''XML external entity'' defined inline to try to read system files is ignored (not displayed), whether an relative or absolute path is used (but perhaps more possible file paths should be tested).
*'''Format markup''' of the Notepad widget (for example <tt>Applications \1keyword \</tt> which would render "Applications" as a keyword): nothing special found.
*'''Format markup''' of the Notepad widget (for example <tt>Applications \1keyword \</tt> which would render "Applications" as a keyword): nothing special found.
*If the '''attribute ''clay'' ''' (card layout identifier) of the ''<card>'' tag is set to 1 ("vertical split", the identifiers are the ones found in the menu ''Page Layout/Select layout'' - 1) instead of 0 (full screen), the calculator reboots because of a crash, since there is only one widget in the card instead of 2. It also reboots if the identifier is incorrect (8 or greater. Negative identifers not tested).
*If the '''height of a splitted card''' (attributes h1, h2, ...) is set to a negative number, the part of the card is not displayed but the TI-Nspire doesn't crash.
*Sending a TNS file of 25KB of '''uncompressed size'''/2KB of compressed size make the TI-Nspire freeze for a few minutes when open, then make it display an error message indicating that the document could not be open. During the opening the Computer Link Software can't communicate with the TI-Nspire, although it is correctly detected as a USB device by the computer when unplugged a re-plugged. Files of more than 25KB of uncompressed size seems to make the TI-Nspire hang forever.
*'''Documents bigger''' than the current storage capacity are refused by the Computer Link Software.

Revision as of 21:20, 14 August 2007

Document format

A .tns file is a PK-ZIP file containg several XML files. Document.xml corresponds to the options of the Document settings dialog box of the OS (some options can't be configured graphically). An XML file exists for each problem of the document (Problem1.xml, Problem2.xml, and so on).

Document format tests

Bold words are used as keyword for quick reference.

Please keep in mind before adding any elements to this list that as long as a way to bypass the downgrade protection as not be found, too many details on leads to possible exploits to execute arbitrary code should preferably not be posted here.

  • The Computer Link Software doesn't check anything except the file extension.
  • Compression format: TNS files compressed with the graphical frontend of 7-Zip are accepted. The command-line version of 7-Zip and Windows XP's native zipper produce an error message when the document is open on the TI-Nspire. Cygwin's zip command make the calculator reboot. The TI-Nspire probably uses a custom decompressor (yet the About screen mentions that zlib is use6d by the OS).
  • An error message is displayed when a document with containing a not well-formed XML file is open.
  • Adding, removing or renaming files (XML or not) in the TNS displays the error.
  • Specifying an invalid type attribute (for example "TI.Notepaddd" instead of "TI.Notepad") in a <wdgt> tag of a problem displays an empty frame instead.
  • Text added between the tags of the problems ("mixt-content") is ignored.
  • Changing the version attribute of a problem displays the error.
  • Any DTD assigned or added to XML files is ignored.
  • An XML external entity defined inline to try to read system files is ignored (not displayed), whether an relative or absolute path is used (but perhaps more possible file paths should be tested).
  • Format markup of the Notepad widget (for example Applications \1keyword \ which would render "Applications" as a keyword): nothing special found.
  • If the attribute clay (card layout identifier) of the <card> tag is set to 1 ("vertical split", the identifiers are the ones found in the menu Page Layout/Select layout - 1) instead of 0 (full screen), the calculator reboots because of a crash, since there is only one widget in the card instead of 2. It also reboots if the identifier is incorrect (8 or greater. Negative identifers not tested).
  • If the height of a splitted card (attributes h1, h2, ...) is set to a negative number, the part of the card is not displayed but the TI-Nspire doesn't crash.
  • Sending a TNS file of 25KB of uncompressed size/2KB of compressed size make the TI-Nspire freeze for a few minutes when open, then make it display an error message indicating that the document could not be open. During the opening the Computer Link Software can't communicate with the TI-Nspire, although it is correctly detected as a USB device by the computer when unplugged a re-plugged. Files of more than 25KB of uncompressed size seems to make the TI-Nspire hang forever.
  • Documents bigger than the current storage capacity are refused by the Computer Link Software.