Lately /me came across a app-crash whose logs were indicating that the issue was in the logger itself, the error read: "URIError: malformed URI sequence"

Digging through the debug logs I reached a point in the logger were there was log for an a Object which looked like:

1

querystring.unescape(querystring.stringify(obj))

Where querystirng was node's inbuilt querystring lib.

Test case was all green for this particular method, I tired to break this with different types of inputs and wasn't able to break it at one shot.

Further, digging into the node source, querystring there was this sweet line throw new URIError('URI malformed'); which was exactly i was looking for and the comment also read: // Surrogate pair, that was a big clue, so played around a bit with unicode surrogate pair and after a while I was able to reproduce the error!

So a half surrogate pair, anything in the range of \uD800 to \uDFFF would break querystring.stringify:

1
2
3
4
5
6
7
8
9
10
11
12
13
14

> const data = {meow: '\uDFFF'};

> querystring.stringify(data)
URIError: URI malformed
    at QueryString.escape (querystring.js:154:13)
    at Object.QueryString.stringify.QueryString.encode (querystring.js:210:24)
    at repl:1:13
    at realRunInThisContextScript (vm.js:22:35)
    at sigintHandlersWrap (vm.js:98:12)
    at ContextifyScript.Script.runInThisContext (vm.js:24:12)
    at REPLServer.defaultEval (repl.js:346:29)
    at bound (domain.js:280:14)
    at REPLServer.runBound [as eval] (domain.js:293:12)
    at REPLServer.onLine (repl.js:544:10)

P.S: I also did a twitter thread (pop quiz on JS) for the fun of it!

#node pop quiz, provide a value for data that would break the below LOC:

`querystring.unescape(querystring.stringify(data))`

— Hemanth.HM (@GNUmanth) March 1, 2017