iOS SSID format string bug is preventable

Submitted by Style Pass, 2021-06-22 14:00:04

After joining my personal WiFi with the SSID “%p%s%s%s%s%n”, my iPhone permanently disabled its WiFi functionality. Neither rebooting nor changing SSID fixes it :~)

The SSID format string bug in the iOS WiFi service has been making the rounds on social media. This blog post nicely pinpoints the root cause: the SSID is concatenated with a string, and the result is passed to a logging method that uses it as a format string. Let’s see how modern APIs such as those of the {fmt} formatting library and C++20 std::format can prevent this.

First, let’s adapt the problematic SSID "%p%s%s%s%s%n" to the format string syntax used by {fmt}, which is based on Python’s format. The %n specifier, where n stands for “notorious”, is intentionally unsupported, but that is irrelevant here because the crash occurs when processing one of the %s specifiers. Other than that, the translation is pretty straightforward: "{:p}{:s}{:s}{:s}{:s}". Note that all of these specifiers can be omitted ("{}{}{}{}{}") as they are equivalent to the defaults.

There are two problems in the original issue. The first one is that external data is passed as a format string. This is easily solved with compile-time format string validation, for example
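
A minimal C++14 sketch of compile-time format string validation, added here as an illustration; it is not code from the original post and not how {fmt} or std::format implement the check. The field count is computed from the format string at compile time, so a run-time string such as the SSID can only be passed as an argument, never as the format string. All function and macro names and the log text are assumptions made for this sketch.

```cpp
// Added example: a C++14 model of compile-time format string checking. All names
// here are hypothetical for this sketch; none is {fmt} or std::format API.
#include <cstddef>
#include <iostream>
#include <sstream>
#include <stdexcept>
#include <string>

// Count "{}" fields; constexpr, so it can run on a literal at compile time.
constexpr std::size_t count_fields(const char* s) {
    std::size_t n = 0;
    for (; *s; ++s)
        if (s[0] == '{' && s[1] == '}') { ++n; ++s; }
    return n;
}

// No arguments left: a remaining "{}" is an error, never a read of stray memory.
inline void emit(std::ostringstream& out, const char* f) {
    for (; *f; ++f) {
        if (f[0] == '{' && f[1] == '}') throw std::runtime_error("argument not found");
        out << *f;
    }
}

// Replace the next "{}" with a typed argument; argument text is never re-parsed.
template <typename T, typename... Rest>
void emit(std::ostringstream& out, const char* f, const T& arg, const Rest&... rest) {
    for (; *f; ++f) {
        if (f[0] == '{' && f[1] == '}') { out << arg; emit(out, f + 2, rest...); return; }
        out << *f;
    }
}

// N is a template argument, so the format string must be a compile-time constant.
template <std::size_t N, typename... Args>
std::string format_n(const char* f, const Args&... args) {
    static_assert(sizeof...(Args) == N, "argument count does not match format string");
    std::ostringstream out;
    emit(out, f, args...);
    return out.str();
}
#define FORMAT_CHECKED(f, ...) format_n<count_fields(f)>(f, __VA_ARGS__)

// The SSID is data: it lands in the message verbatim (log text is constructed).
std::string log_join(const std::string& ssid) {
    return FORMAT_CHECKED("joining network {}", ssid);
    // FORMAT_CHECKED(ssid.c_str(), 0) does not compile: not a constant expression.
}
int main() { std::cout << log_join("%p%s%s%s%s%n") << '\n'; }
```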
