Background NSURLSession sandbox violation

Originator:nicholas.helke
Number:rdar://32534132 Date Originated:2017-06-02
Status:Open Resolved:
Product:iOS + SDK Product Version:10.2 and up
Classification:Bug Reproducible:Sometimes
 
Area:
CFNetwork Framework

Summary:
About 1% of users across different publications running iOS 10.2 and up seem to get stuck in a bad state which can only be recovered from by uninstalling and reinstalling the app.

Inside our `URLSession:downloadTask:didFinishDownloadingToURL` delegate methods we call `moveItemAtPath:toPath:error:` to move the download into our sandbox.

For 1% affected, the move always fails no matter what we download. We have attached an extract of the device logs for an affected user of the <redacted> app, the last line of the log is our NSLog of the error returned by the `moveItem` call.

Steps to Reproduce:
Unsure what leads devices to be in this state in the first place.

Expected Results:
The move fails and the OS logs a sandbox violation even though we are merely moving the file the NSURLSession is telling us to move.

Observed Results:
The move should succeed.

Version:
iOS 10.2 and up

Comments

I should also note that we have been able to reproduce this on a 10.0.2 device, so it's not limited to 10.2 and above.

By nicholas.helke at June 12, 2017, 10:45 a.m. (reply...)

Note - in the attached logs, the file paths provided in `URLSession:downloadTask:didFinishDownloadingToURL are not actually within our Sandbox in the first place.

e.g.: kernel(Sandbox)[0] : SandboxViolation: economist-econom(260) deny(1) file-read-metadata /private/var/mobile/Library/Caches/com.apple.nsurlsessiond/Downloads/com.economist.ipad.uk/CFNetworkDownload_fUYSha.tmp

Normally the URL provided is. For example: /var/mobile/Containers/Data/Application/9453332D-4A7A-4F2A-8933-EC3822EFC015/Library/Caches/com.apple.nsurlsessiond/Downloads/com.economist.ipad.uk/CFNetworkDownload_F1tBQi.tmp

By nicholas.helke at June 12, 2017, 10:44 a.m. (reply...)

Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!