Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crash at ssl_pin_verifier.m - Line 43 #307

Open
JuhaO81 opened this issue Jun 27, 2023 · 4 comments
Open

Crash at ssl_pin_verifier.m - Line 43 #307

JuhaO81 opened this issue Jun 27, 2023 · 4 comments

Comments

@JuhaO81
Copy link

JuhaO81 commented Jun 27, 2023

We updated from 2.0.1 to 3.0.2 and I can now see some crashes coming from Trustkit. We only have call stack as this happens with our production app.

Call stack:
trust
0 libsystem_kernel.dylib 0xc84 mach_msg2_trap + 8
1 libsystem_kernel.dylib 0x13b54 mach_msg2_internal + 80
2 libsystem_kernel.dylib 0x13e2c mach_msg_overwrite + 540
3 libsystem_kernel.dylib 0x11c8 mach_msg + 24
4 libdispatch.dylib 0x1f20c _dispatch_mach_send_and_wait_for_reply + 548
5 libdispatch.dylib 0x1f59c dispatch_mach_send_with_result_and_wait_for_reply + 60
6 libxpc.dylib 0x10218 xpc_connection_send_message_with_reply_sync + 240
7 Security 0x75e4 securityd_message_with_reply_sync + 124
8 Security 0x115e4 securityd_send_sync_and_do + 88
9 Security 0x1ddb8 __SecTrustEvaluateIfNecessary_block_invoke_3 + 516
10 Security 0xa4d0 SecOSStatusWith + 56
11 Security 0xf5ed4 __SecTrustEvaluateIfNecessary_block_invoke_2 + 116
12 libsystem_trace.dylib 0x72e0 _os_activity_initiate_impl + 64
13 Security 0xf5d50 __SecTrustEvaluateIfNecessary_block_invoke.437 + 292
14 libdispatch.dylib 0x3eac _dispatch_client_callout + 20
15 libdispatch.dylib 0x13428 _dispatch_lane_barrier_sync_invoke_and_complete + 56
16 Security 0xf59a4 SecTrustEvaluateIfNecessary + 532
17 Security 0xcf80 SecTrustEvaluateInternal + 48
18 OUR APP 0x1343270 verifyPublicKeyPin + 43 (ssl_pin_verifier.m:43)
19 OUR APP 0x1346714 -[TSKPinningValidator evaluateTrust:forHostname:] + 126 (TSKPinningValidator.m:126)
20 OUR APP 0x1346a44 -[TSKPinningValidator handleChallenge:completionHandler:] + 203 (TSKPinningValidator.m:203)
21 OUR APP 0x17d9d8 -[NBCertificatePinningChecker performCertificatePinningForChallenge:completionHandler:] + 62 (NBCertificatePinningChecker.m:62)
22 CFNetwork 0x77230 CFURLResponseCreateWithHTTPResponse + 22660
23 libdispatch.dylib 0x2320 _dispatch_call_block_and_release + 32
24 libdispatch.dylib 0x3eac _dispatch_client_callout + 20
25 libdispatch.dylib 0xb534 _dispatch_lane_serial_drain + 668
26 libdispatch.dylib 0xc0d8 _dispatch_lane_invoke + 436
27 libdispatch.dylib 0x16cdc _dispatch_workloop_worker_thread + 648
28 libsystem_pthread.dylib 0xddc _pthread_wqthread + 288
29 libsystem_pthread.dylib 0xb7c start_wqthread + 8
@devsachinsingh
Copy link

Hi,
I am facing the same issue with my application only in production, If you find any solution for this then please share, It will be helpful to us.
Thanks

@JuhaO81
Copy link
Author

JuhaO81 commented Dec 7, 2023

This is now worst crash and would be nice to get this fixed.

@EthanArbuckle
Copy link
Contributor

Hello, is this crash still happening on v3.0.3?

@wmfeuvrel
Copy link

wmfeuvrel commented Apr 18, 2024
edited
Loading

With 3.0.2 I was getting this crash at app launch.
The IOS crash report from TestFlight stated the crash reason as CODESIGNING 2 Invalid Page in thread calling
CFNetwork __NSCFURLSessionDelegateWrapper didReceiveChallenge:completionHandler.

A separate symbolicated crash report further identified the issue as ssl_pin_verifier.m - Line 43. It only occurred in release builds, and only on device.

Upgraded to trustkit 3.0.4 and the issue resolved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@wmfeuvrel @EthanArbuckle @JuhaO81 @devsachinsingh