Yubico / yubikit-ios

Yubico Mobile iOS SDK - YubiKit
Apache License 2.0

[YKFOTPSession] Crash happens on iOS 15 when entering background #78

Closed leitlia closed 2 years ago

leitlia commented 2 years ago

Howdy!

We found a recurring crash coming from the YubiKit framework. The part that crashes can be found in YKFOTPSession, where the NFCNDEFReaderSession is used. The problem occurs only on iOS 15, where the didInvalidateWithError delegate method is called more than once: the nfcOTPResponseBlock is set to nil on the first run, and on the second it will crash because of the EXEC_BAD_ADDRESS. Blocks are C-level stuff and don't have the neat objc_message nil-checking guard over them.

I could reproduce it not only in our project but also in a fresh single-view application. I think our product is not the only one affected by this.

  1. My idea would be that it does not have to be set to nil every time. In theory, the object which holds the block's pointer should dealloc it on its destruction. So it could be left on.
  2. Or the delegate mechanism would be very nice, and convenient in this situation. It would not harm the pattern.

I can go in either direction.

WDYT?

@jensutbult Thanks for your attention.
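
The failure mode reported above, as an added Objective-C example that is not YubiKit code and not the fix from the linked PR: a completion block cleared on the first invalidation callback is invoked again on a second one. `DemoOTPSession`, its methods and the error domain are hypothetical names; the guarded variant is one common way to make a repeated callback harmless.

```objective-c
// Added illustration, not YubiKit source. All names here are hypothetical.
#import <Foundation/Foundation.h>

typedef void (^DemoResponseBlock)(NSString *token, NSError *error);

@interface DemoOTPSession : NSObject
@property (nonatomic, copy) DemoResponseBlock responseBlock;
@property (nonatomic) NSUInteger deliveredCount;
- (void)invalidateUnguardedWithError:(NSError *)error;
- (void)invalidateGuardedWithError:(NSError *)error;
@end

@implementation DemoOTPSession

// Reported failure mode: the block is invoked without a nil check and then
// cleared. A second callback calls a nil block, which is a null-pointer
// dereference (messaging nil is safe in Objective-C, calling a nil block is not).
- (void)invalidateUnguardedWithError:(NSError *)error {
    self.responseBlock(nil, error);
    self.responseBlock = nil;
}

// Guarded form: take a local strong reference, clear the property first so a
// repeated or re-entrant callback sees nil, then invoke only if non-nil.
- (void)invalidateGuardedWithError:(NSError *)error {
    DemoResponseBlock block = self.responseBlock;
    self.responseBlock = nil;
    if (block == nil) {
        return; // Repeated invalidation: nothing left to deliver.
    }
    block(nil, error);
}
@end

int main(void) {
    @autoreleasepool {
        DemoOTPSession *session = [DemoOTPSession new];
        __weak DemoOTPSession *weakSession = session; // avoid a retain cycle
        session.responseBlock = ^(NSString *token, NSError *error) {
            weakSession.deliveredCount += 1;
        };
        // Constructed error standing in for the session invalidation error.
        NSError *error = [NSError errorWithDomain:@"DemoErrorDomain" code:1 userInfo:nil];
        // Simulate the delegate method firing twice, as reported on iOS 15.
        [session invalidateGuardedWithError:error];
        [session invalidateGuardedWithError:error];
        NSLog(@"completion delivered %lu time(s)", (unsigned long)session.deliveredCount);
    }
    return 0;
}
```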

jensutbult commented 2 years ago

I've failed to reproduce the error. Which specific version of iOS is it that causes the crash? Can you share your sample app?

leitlia commented 2 years ago

Hey! Thanks for stopping by! Hope you are doing well!

I attach all the necessary information here:

YubiKitTest_Crash_Repro_720p

Repro steps in this project:

jensutbult commented 2 years ago

Thanks for the thorough report! The bug has been fixed in the linked PR and there's also a sample project to validate the fix here: https://github.com/jensutbult/OTP-Crash

WWSellers commented 2 years ago

I am also curious to know which version of iOS 15 and which iPhone model exhibited the issue. It would be good to get ahead of a possible support problem related to NFC keys.

jensutbult commented 2 years ago

I have a somewhat limited amount of test phones but I've verified the bug on iOS 15.1 and 15.1.1 on both iPhone 12 and 13. The bug is also present on an iPhone 11 running iOS 15.0. You should expect this bug to affect all current models of iPhones that are capable of running iOS 15. However, note that this crash only happens when you read an OTP using the YKFNFCOTPSession which is using the NFCNDEFReaderSession from Apple. I've failed to replicate the crash with our other sessions that are all using the NFCTagReaderSession for communication with the YubiKey.

leitlia commented 2 years ago

Thanks for the update. Everything @jensutbult mentioned is correct! It appeared in every minor/patch version of iOS 15 (for us)! The devices also varied: