iOS Bug Causes Specific Network Name to Disable Wi-Fi on iPhones

[MacRumors]

A wireless network naming bug has been discovered in iOS that effectively disables an iPhone's ability to connect to Wi-Fi.

Security researcher Carl Schou found that after joining a Wi-Fi network with the name "%p%s%s%s%s%n" his iPhone's Wi-Fi functionality was left "permanently disabled."

Changing a hotspot's SSID did nothing to correct the problem, with even a reboot failing to make a difference, according to BleepingComputer.

Other users who were able to replicate the issue have suggested the bug could be related to the initial use in the network name of the percentage sign, which leads to an input parsing issue whereby iOS mistakenly interprets the letters following the "%" as a string-format specifier.

https://twitter.com/x/status/1405937492642123782

In C and C-style languages, string format specifiers have a special meaning and are parsed by the language compiler as a variable name or a command instead of standard text.

Android phones don't seem to be affected by the same network, but iPhones hit by the problem need to have their network settings reset before a Wi-Fi hotspot can be connected again.

To perform the reset, open the Settings app, tap General -> Reset, then tap Reset Network Settings and confirm the request at the prompt.

Article Link: iOS Bug Causes Specific Network Name to Disable Wi-Fi on iPhones

 

[GubbyMan]

This will always be relevant https://xkcd.com/327/

 

[Carlson-online]

Pretty sure of course this big will effect nobody as who would use that as a network name ?!

 

[jrhop]

How long must it have taken to find this out!? Surely better things to do.

 

[superapplestar]

On iOS 15 the phone cannot even join such network

 

[PinkyMacGodess]

The real question is why would iOS do anything with the SSID? It's a 'string'. If iOS is choking on it, it shouldn't be looking at it as filet mignon! (Bad analogy warning?) It's like eating the wrapper your hamburger came in. Come on Apple...

 

[acorntoy]

Now Macrumors has led this from ~10 affected idiots to ~10,000. I encourage you to try it though, your device might be special and immune.

 

[PinkyMacGodess]

Now Macrumors has led this from ~10 affected idiots to ~10,000. I encourage you to try it though, your device might be special and immune.

I already thought of setting up a throwaway AP and plugging it in somewhere, like maybe Best Buy, and see how many people have problems.

So, is macOS immune to this flaw? Apparently? Hmm...

 

[PinkyMacGodess]

This will always be relevant https://xkcd.com/327/

Xkcd is ALWAYS relevant! I get the most comments when wearing my xkcd t-shirts.

'What's 'Sodo' mean?' 'So that's what tech support people read to me when I call for help?' 'STOP! Let me read your shirt! You spent how long deciding on what shirt to wear?'

 

[idmean]

are parsed by the language compiler

No, that's precisely not the case. Format specifiers are parsed at run-time. Otherwise this bug wouldn't exist.

 

[itsmeaustend]

This could probably be fixed by going onto a Mac and removing it from your list of known networks.

 

[4nNtt]

Format string bugs are not uncommon in C/C++. Someone used the wrong API. One more reason to port code to safer languages like Swift.

 

[justperry]

Now Macrumors has led this from ~10 affected idiots to ~10,000. I encourage you to try it though, your device might be special and immune.

So, in essence you say there are a lot of idiots on Macrumors.
Well done...

 

[myscrnnm]

I always wonder how people find these kinds of bugs. Do they just sit around all day trying random stuff in varying succession until something breaks?🤯

 

[Octopuss]

I always wonder how people find these kinds of bugs. Do they just sit around all day trying random stuff in varying succession until something breaks?🤯

QA. As software engineer I hate them sometimes, but as tech leader I'm very grateful for their work.

 

[lkrupp]

Pretty sure of course this big will effect nobody as who would use that as a network name ?!

More than that, who would ever choose to connect to a network with that name? But stupid is as stupid does, as we all know.

 

[JetLaw]

Changing my SSID right now to %s%s%s%p to test thi [user disconnected]

 

[Gusjasso]

obviously you’re logging in wrong

 

[I7guy]

Who cares about a bug that will effect literally one person out of 1 billion, when there are bigger fish to fry.

 

[alphaswift]

you’re just holding the phone wrong.

 

[bsolar]

I always wonder how people find these kinds of bugs. Do they just sit around all day trying random stuff in varying succession until something breaks?🤯

C format string vulnerabilities are a well known danger, see e.g. this paper on the matter.

Properly implemented software should always sanitize the input, which is the reason the SSID was chosen like that. The SSID was likely merely meant as a joke as it should not cause anything special to happen as long as the software is implemented properly.

Sadly it seems it's not the case on the iPhone.

 

[bsolar]

Agreed. Who cares about a bug that will effect literally one person out of 1 billion, when there are bigger fish to fry.

It affects basically nobody as long as it's just a joke SSID encountered by chance, but it highlights a vulnerability in the software which malicious actors can further investigate and potentially have the chance to further exploit.

That's why Apple should promptly fix the root issue before worse exploits have a chance to happen.

 

[I7guy]

It affects basically nobody as long as it's just a joke SSID encountered by chance, but it highlights a vulnerability in the software which malicious actors can further investigate and potentially have the chance to further exploit.

Maybe. The question is how deep does this issue run.

That's why Apple should promptly fix the root issue before worse exploits have a chance to happen.

Absolutely. This should be fixed according to the severity, ease of invocation, amount of damage etc.

 

[genovelle]

I always wonder how people find these kinds of bugs. Do they just sit around all day trying random stuff in varying succession until something breaks?🤯

Yep

 

[vegetassj4]

Wifey-gate