7 things that lead to f***up

Transcript

1. Long time ago in a galaxy far-far-away

2. 7 things that lead to f***up Petro Korienev, iOS Engineer

   especially for i4☕ ver.1

3. Sponsored by...

4. The problem • UIWebView-based browser application for iOS • After

   an iteration the regression issue is found • Login to google accounts (mail, drive etc.) is not persisted between app launches on iOS 9

5. Thing #1 Don’t ever work with UIWebView-based browser

6. How to achieve

7. Investigation • UIWebView stores cookies in .binarycookies format on disk

   • Somehow it’s started to fail to read written cookies • [[NSHTTPCookieStorage sharedCookieStorage] allCookies] is nil

8. The root-cause • We’ve adopted on-the-fly proprietary disk encryption solution

   • “on-the-fly” means “magic” • We’ve broken cookies storing mechanism
9. None
10. None

11. Thing #2 With great power comes great responsibility. Don’t rely

    on magic. Until you understand it.
12. None

13. How to achieve pod ‘AwesomeMagicWand.. pod ‘SilverBullet.. pod ‘GoldenHammer

14. Deep investigation • Encryption library hooks UNIX file-system functions. •

    200-line function with comparisons to string literals, magic numbers, system imports constants etc. • around 70-80 hooked unix implementations • And todo 17 Jan 2003

15. Meanwhile, - 2 DEBUG DAYS...

16. • System calls atomic write to cookies file • File

    is written to temp • File is moved to original • Appropriate encryption applied • Hooked move is called on iOS 8 and not on iOS 9 Result

17. • AdHoc for encryption solution - ignore “_tmp_” pattern •

    Initial vector for encryption is the same for temp/original • Profit Solution

18. Resolution on code- review : rework in next iteration

19. Thing #3 Never break KISS-principle. Doing things well might be

    expensive. Overly expensive

20. How to achieve

21. • Get the hook working on iOS 9 • symbolic

    breakpoints on UNIX-functions • debug symbol stubs • compare across different versions of iOS The next iteration

22. • XCode->Debug->Always show disassembly • symbolic breakpoints on UNIX-functions •

    debug symbol stubs • compare across different versions of iOS Tools
23. None

24. Thing #4 If you see use a previous document, you

    are most-likely doing something wrong.

25. How to achieve Get back to original task and ask

    PO - probably we should skip it? Ask colleagues.

26. Collective mind has given me a link

27. It didn’t work for this case neither. But trying it

    first i could save a time. And for sure I could find it myself. The library works exactly as the needed hook code

28. Thing #5 Never skip google.com step...

29. How to achieve

30. Ages of debugging on device, a week spent on implementing

    this for ARM architecture, offset calculations, reading Mach-O spec and i got the stubs working on iOS 9 I’ve written the solution

31. Used structs

32. Thing #6 Always run on device. Never rely on simulator

33. I did

34. I was inspired by my awkward solution. I’ve reversed a

    big bunch of a format. I forgot about initial issue with login, cookies, etc... Once upon a time...

35. EXC_BAD_ACCESS (CODESIGN)

36. Thing #7 Always try as a user Without debugger, Carl

37. Under debugger, you can There are also some restrictions, bugs,

    etc. Try as a user You can’t modify an executable memory

38. There are more things that lead to fuckup…

39. THANKS FOR YOUR ATTENTION