How a grammar error tripped up Apple

By on
How a grammar error tripped up Apple

Opinion: Bug introduced by coding mistake.

Many people are aware of the dangers of missed punctuation, but may not be aware of the extreme dangers of similar missing punctuation in computer code.

Certainly, developers at Apple have been reminded of this with last week's revelation of a bug that makes the secure communication of all of Apple’s devices fail and if exploited, all transactions and conversations visible to attackers.

Apple has since issued fixes for the issue across both its mobile and laptop devices.

The bug has proved a major embarrassment for Apple, especially when it became known that the bug was caused by an unintended slip of grammar by an Apple developer.

Computer code is written in various languages that follow rules of grammar in much the same way as any spoken language does. Like a spoken language, computer languages like “C” and “C++” and Apple’s favourite “Objective-C”, use braces “{“ and “}” to mark the beginning and end of statements that should be treated together.

What happened with the bug that the Apple developer introduced is that the programmer didn’t use any braces for a piece of code that looked something like:

[1] if (certificate check is not valid)
[2]   goto fail;
[3]   goto fail;
[4] if (next certificate check is not valid)
[5]   goto fail;

The problem lies with the line of code [3], the extra “goto fail”. It is a redundant line of code that was left in by error. The developer didn’t notice it because he or she wasn’t using braces - a convention that is allowed in coding in C if there is only one single line after the if statement [1].

Because of the fact that there wasn’t a brace, it looked like line [3] was part of the if statement, but it wasn’t, and would therefore stop the check on line [4] from ever being run.

What the code should have looked like is this:

[1] if (certificate check is not valid) {
[2]   goto fail;
[3] }
[3]   goto fail;
[4] if (next certificate check is not valid) {
[5]   goto fail;
[6] }

Developers commonly use what is called a “walk-through” to detect these types of errors. Each developer sits down with at least one, but usually, two other developers and they explain their code, giving the group a chance to review the code and check it is doing what it should be doing.

This didn’t happen in this case and somewhat surprisingly, despite the code being publicly available, it hadn’t been picked up by any open source developers either.

Adam Langley, a Google developer and the person who explained the source code bug, maintained that a bug of this type was unlikely to happen at Google - but I’m personally not so sure.

People are unreliable at spotting grammatical errors and this is why it is important to adopt practices that minimise the chances of those errors happening.

It is possible to get the language compiler software (the software that converts the code into something the computer can run) to warn against these types of error, but by default it doesn’t have this option switched on.

It is not known whether anyone has exploited this bug yet but it seems unlikely that, despite such claims, it was introduced deliberately for that purpose. There are many ways that hackers can exploit users and subvert security without resorting to this type of unknown bug. 

This article originally appeared at The Conversation and has been republished here with permission.

Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?