[GH-ISSUE #132] Crash When Intercepting URLSessionUploadTask #82

New issue

Closed

opened 2026-03-03 19:11:37 +03:00 by kerem · 2 comments

kerem commented 2026-03-03 19:11:37 +03:00

Owner

Copy link

Originally created by @VaslD on GitHub (Jul 20, 2023).
Original GitHub issue: https://github.com/ProxymanApp/atlantis/issues/132

We recently encountered an Atlantis-related crash at:

github.com/ProxymanApp/atlantis@f6f7be1330/Sources/NetworkInjector+URLSession.swift (L294-L298)

I've found the cause but since I'm too familiar with method swizzling and calling conventions, I think you might want to take a look and verify this.

The problem is that uploadTaskWithRequest:fromData:completionHandler:, and its Swift counterpart uploadTask(with:from:completionHandler:), has an optional Data? parameter. Atlantis swizzled this method with a C function @convention(c) (AnyObject, Selector, AnyObject, AnyObject, AnyObject) -> AnyObject that marks all parameters non-null.

A third-party library actually passes nil to the Data? parameter, which causes Atlantis to crash when reading data. Although the code uses if let, data is always implicitly unwrapped to non-optional first because the C function signature declares AnyObject (instead of AnyObject?).

The fix seems to work when declaring parameters for data and completionHandler as optionals, and taking non-null data out of assertions. As a precaution, you should review other swizzled URLSessionTask factory methods to avoid implicit unwraps.

Originally created by @VaslD on GitHub (Jul 20, 2023). Original GitHub issue: https://github.com/ProxymanApp/atlantis/issues/132 We recently encountered an Atlantis-related crash at: https://github.com/ProxymanApp/atlantis/blob/f6f7be1330bd4f847b6d52278acd88516eaac471/Sources/NetworkInjector%2BURLSession.swift#L294-L298 <img width="1440" alt="Screenshot 07-20 15 17 02@2x" src="https://github.com/ProxymanApp/atlantis/assets/3415065/1abbff36-3ffb-4934-b10b-548cf3f1d558"> I've found the cause but since I'm too familiar with method swizzling and calling conventions, I think you might want to take a look and verify this. The problem is that [`uploadTaskWithRequest:fromData:completionHandler:`](https://developer.apple.com/documentation/foundation/nsurlsession/1411518-uploadtaskwithrequest?language=objc), and its Swift counterpart [`uploadTask(with:from:completionHandler:)`](https://developer.apple.com/documentation/foundation/urlsession/1411518-uploadtask), has an optional `Data?` parameter. Atlantis swizzled this method with a C function `@convention(c) (AnyObject, Selector, AnyObject, AnyObject, AnyObject) -> AnyObject` that marks all parameters non-null. A third-party library actually passes `nil` to the `Data?` parameter, which causes Atlantis to crash when reading `data`. Although the code uses `if let`, `data` is always implicitly unwrapped to non-optional first because the C function signature declares `AnyObject` (instead of `AnyObject?`). <img width="1426" alt="Screenshot 07-20 15 35 06@2x" src="https://github.com/ProxymanApp/atlantis/assets/3415065/901f486e-aaca-41be-b5d0-8405b0ba4bf0"> The fix seems to work when declaring parameters for `data` and `completionHandler` as optionals, and taking non-null `data` out of assertions. **As a precaution, you should review other swizzled `URLSessionTask` factory methods to avoid implicit unwraps.**

kerem closed this issue 2026-03-03 19:11:37 +03:00

kerem commented 2026-03-03 19:11:38 +03:00

Author

Owner

Copy link

@NghiaTranUIT commented on GitHub (Jul 20, 2023):

@VaslD can you verify what iOS version you're using?

<!-- gh-comment-id:1643482203 --> @NghiaTranUIT commented on GitHub (Jul 20, 2023): @VaslD can you verify what iOS version you're using?

kerem commented 2026-03-03 19:11:38 +03:00

Author

Owner

Copy link

@VaslD commented on GitHub (Jul 20, 2023):

I have confirmed crash reports from iOS 15.7.2 and 15.1, with IPAs generated from Xcode 14.2 and 14.3.1. Suspicious crashes do happen on other iOS versions during QA but I have not received crash reports to corroborate those claims.

But seeing the latest API documentation (I referenced in the original post) does declare the data parameter as nullable, it would be safe to not assume that it isn't.

<!-- gh-comment-id:1643502449 --> @VaslD commented on GitHub (Jul 20, 2023): I have confirmed crash reports from iOS 15.7.2 and 15.1, with IPAs generated from Xcode 14.2 and 14.3.1. Suspicious crashes do happen on other iOS versions during QA but I have not received crash reports to corroborate those claims. But seeing the latest API documentation (I referenced in the original post) does declare the `data` parameter as nullable, it would be safe to not assume that it isn't.

kerem referenced this issue 2026-03-03 19:12:02 +03:00

[PR #83] [CLOSED] [WIP] Fix loop in Runtime GetAllClasses #135

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

fix/backpressure-and-reconnection

fix-readme

feat/remove-android

feat/react-native

feat/bump-android-sdk

feat/android-sdk

feat/add-unit-tests

bug/missing-header-requests

bug/fix-warning

bump/1.27.0

feat/unit-tests

feat/stream-apis

feat/add-privacy-manifest

feat/new-bonjour-service

bug/ws-crash

bug/multiple-connections

bug/not-ready-connection

bug/tvOS-15

feat/add-carthage

fix/ios-16-beta

feat/remove-url-connection

feat/swiftplayground

feat/multiple-connection

feat/1.12

bug/loop-runtime

bug/tv-os

bug/memory

feat/websocket

bug/crash-big-files

improve/example-project

feat/better-interface

feat/upload-task

improve/download-task

bug/request-data-missing

improve/support-catalyst

bug/datatask

improve/hostname

improve/dynamic-port

feature/swizzle-url-connection

improve/add-compression

feature/resume-swizzle

1.3.40

1.34.0

1.33.0

1.32.0

1.31.0

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.24.0

1.23.0

1.22.0

1.21.1

1.21.0

1.20.0

1.19.0

1.18.2

1.18.1

1.18.0

1.17.0

1.16.0

1.15.0

1.14.0

1.13.0

1.12.0

1.11.2

1.11.1

1.11.0

1.10.0

1.9.0

1.8.0

1.7.1

1.7.0

1.6.0

1.5.0

1.4.3

1.4.2

1.4.1

1.4.0

1.3.0

1.2.0

1.1.0

1.0.9

1.0.8

1.0.7

1.0.6

1.0.5

1.0.4

1.0.3

1.0.2

1.0.1

1.0.0

Labels

Clear labels   

Done

  

Done

  

Windows

  

bug

  

bug

  

bug

  

enhancement

  

enhancement

  

enhancement

  

good first issue

  

hacktoberfest

  

pull-request

Mirrored from GitHub Pull Request

  

wontfix

  

wontfix

No labels

Done

Done

Windows

bug

bug

bug

enhancement

enhancement

enhancement

good first issue

hacktoberfest

pull-request

wontfix

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/atlantis#82

No description provided.