datatheorem / TrustKit

Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
MIT License

Crash when trying to release NULL #249

Closed CraigSiemens closed 3 years ago

CraigSiemens commented 3 years ago

We've got another crash coming from TrustKit.

It looks like it's related to these lines. https://github.com/datatheorem/TrustKit/blob/master/TrustKit/Pinning/ssl_pin_verifier.m#L66-L68

SecCertificateCopySubjectSummary can return NULL but nothing is checking for it before calling release.

Exception Type: EXC_BREAKPOINT (SIGTRAP)
Crashed Thread: 5

Application Specific Information:
*** CFRelease() called with NULL *** > boolValue > containsObject: > hashSubjectPublicKeyInfoFromCertificate: > objectForKeyedSubscript: > timeIntervalSinceReferenceDate

Thread 5 Crashed:
0   CoreFoundation                  0x315fb022c         CFRelease.cold.1
1   CoreFoundation                  0x315e2c534         CFRelease
2   TrustKit                        0x1045c79e0         verifyPublicKeyPin (ssl_pin_verifier.m:68)
3   TrustKit                        0x1045ced10         -[TSKPinningValidator evaluateTrust:forHostname:] (TSKPinningValidator.m:126)
4   TrustKit                        0x1045cf0e0         -[TSKPinningValidator handleChallenge:completionHandler:] (TSKPinningValidator.m:202)

CraigSiemens commented 3 years ago

One interesting thing to note, we've seen this occur for 21 users so far, and all are on iOS >= 14.4. Seeing as how we didn't start seeing this crash until recently, it appears something has changed with iOS 14.4 to make this crash start happening.
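
The NULL guard the report calls for, as an added example that is not TrustKit's code or its eventual fix: `SecCertificateCopySubjectSummary` may return NULL, and `CFRelease(NULL)` traps, so the result is checked before ownership is handed off. `SubjectSummaryForLogging` and `LogChainSubjects` are hypothetical names, and the file assumes ARC.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Hypothetical helper (not part of TrustKit): returns a printable subject for
// log output. SecCertificateCopySubjectSummary() follows the Copy rule, so a
// non-NULL result is owned by the caller, but the call may return NULL.
static NSString *SubjectSummaryForLogging(SecCertificateRef certificate)
{
    if (certificate == NULL) {
        return @"<no certificate>";
    }
    CFStringRef summary = SecCertificateCopySubjectSummary(certificate);
    if (summary == NULL) {
        // Nothing was allocated, so there is nothing to release.
        return @"<no subject summary>";
    }
    // Hand ownership to ARC instead of pairing the call with a manual CFRelease().
    return CFBridgingRelease(summary);
}

// Hypothetical caller: walks the chain the way a pin verifier would.
static void LogChainSubjects(SecTrustRef trust)
{
    if (trust == NULL) {
        return;
    }
    CFIndex count = SecTrustGetCertificateCount(trust);
    for (CFIndex i = 0; i < count; i++) {
        // Get rule: the returned certificate is not owned, so it is not released.
        SecCertificateRef cert = SecTrustGetCertificateAtIndex(trust, i);
        NSLog(@"Checking certificate %ld: %@", (long)i, SubjectSummaryForLogging(cert));
        // The pin comparison for `cert` continues here whether or not a summary
        // exists: a missing summary only affects the log line, never the
        // accept/reject decision.
    }
}

int main(void)
{
    @autoreleasepool {
        // No certificate at hand: the helper returns a placeholder instead of
        // passing NULL on to CFRelease().
        NSLog(@"%@", SubjectSummaryForLogging(NULL));
        LogChainSubjects(NULL);
    }
    return 0;
}
```

In a file compiled without ARC, the equivalent guard is `if (summary != NULL) { CFRelease(summary); }` after the last use of the string.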