MacRumors

macrumors bot
Original poster
Apr 12, 2001
53,523
15,251


A wireless network naming bug has been discovered in iOS that effectively disables an iPhone's ability to connect to Wi-Fi.

ios-wifi-settings.jpg

Security researcher Carl Schou found that after joining a Wi-Fi network with the name "%p%s%s%s%s%n" his iPhone's Wi-Fi functionality was left "permanently disabled."

Changing a hotspot's SSID did nothing to correct the problem, with even a reboot failing to make a difference, according to BleepingComputer.

Other users who were able to replicate the issue have suggested the bug could be related to the initial use in the network name of the percentage sign, which leads to an input parsing issue whereby iOS mistakenly interprets the letters following the "%" as a string-format specifier.


In C and C-style languages, string format specifiers have a special meaning and are parsed by the language compiler as a variable name or a command instead of standard text.

Android phones don't seem to be affected by the same network, but iPhones hit by the problem need to have their network settings reset before a Wi-Fi hotspot can be connected again.

To perform the reset, open the Settings app, tap General -> Reset, then tap Reset Network Settings and confirm the request at the prompt.

Article Link: iOS Bug Causes Specific Network Name to Disable Wi-Fi on iPhones
 
  • Wow
Reactions: RandomDSdevel

bsolar

macrumors 65816
Jun 20, 2011
1,076
784
I always wonder how people find these kinds of bugs. Do they just sit around all day trying random stuff in varying succession until something breaks?🤯

C format string vulnerabilities are a well known danger, see e.g. this paper on the matter.

Properly implemented software should always sanitize the input, which is the reason the SSID was chosen like that. The SSID was likely merely meant as a joke as it should not cause anything special to happen as long as the software is implemented properly.

Sadly it seems it's not the case on the iPhone.
 

bsolar

macrumors 65816
Jun 20, 2011
1,076
784
Agreed. Who cares about a bug that will effect literally one person out of 1 billion, when there are bigger fish to fry.

It affects basically nobody as long as it's just a joke SSID encountered by chance, but it highlights a vulnerability in the software which malicious actors can further investigate and potentially have the chance to further exploit.

That's why Apple should promptly fix the root issue before worse exploits have a chance to happen.
 

I7guy

macrumors Penryn
Nov 30, 2013
26,566
14,902
Gotta be in it to win it
It affects basically nobody as long as it's just a joke SSID encountered by chance, but it highlights a vulnerability in the software which malicious actors can further investigate and potentially have the chance to further exploit.
Maybe. The question is how deep does this issue run.
That's why Apple should promptly fix the root issue before worse exploits have a chance to happen.
Absolutely. This should be fixed according to the severity, ease of invocation, amount of damage etc.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.