In a bizarre case of what appears to be Chinese censorship gone wrong, Apple introduced a bug in iOS that could cause an app to crash if a user received the Taiwan flag emoji and had their region set to China. This would allow remote users to essentially perform a denial-of-service on a receiving messaging application by constantly sending the emoji.

According to a blog post by security researcher Patrick Wardle, he discovered this bug when a friend told him that iOS apps would crash when she types the word "Taiwan" or received a message with the Taiwanese flag.

"She claimed that any time she typed the word Taiwan or worse, received a message with a Taiwanese flag (Taiwanese Flag) it would crash the application on her (fully patched) iOS device." stated Wardle in an Objective-see.com blog post.

Up for a challenge, he decided to debug the crash and determine what was wrong.

Debugging the crash shows iOS stripping the Taiwanese flag emoji

When Wardle debugged the crash on his friend's iPhone 7 he discovered that a particular function related to emoji processing was returning NULL, which would cause the querying app to crash. For those who are interested in the technical aspects of how he debugged this crash, I strongly suggest you visit his blog and read his his detailed approach to this problem.

As a byproduct of performing this analysis, Wardle also discovered that iOS would strip out the Taiwanese flag emoji from received messages if a user has their region set to China. This may be done by Apple at the request of China who does not acknowledge Taiwan as its own country. If this is the case, then Apple is purposely putting China's political interests above their own customers.

The way this censorship works is if an iOS user has their region set to China and they receive a message that contains a Taiwanese flag, iOS will strip it and show a missing symbol image. You can see an example of this below where my rightfully confused wife sent me a Taiwanese flag emoji at my request.

Stripped Taiwanese Flag
Stripped Taiwanese Flag

Apple also went one step further and completely eliminated the Taiwanese flag emoji from the emoji list if your region is set to China. Notice how you can see the Taiwanese flag if you are in the USA region, but not so much when set to China.

Flag List with USA and China Regions
Flag List with USA and China Regions

While Wardle ultimately found the source of the bug, he is not really sure why his friend was having this problem as her region was set to USA. For her, a fix was simply to toggle the region to China and then back again to USA.

Apple fixed this bug in iOS 11.4.1

The good news is that Apple fixed this bug in iOS 11.4.1 and even thanked Patrick Wardle for finding the bug.

Emoji

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing an emoji under certain configurations may lead to a denial of service

Description: A denial of service issue was addressed with improved memory handling.

CVE-2018-4290: Patrick Wardle of Digita Security

The bad news is that the censorship is still occurring.

BleepingComputer has reached out to Apple for comment regarding the stripping of emojis, but have not heard back at the time of this publication.

Related Articles:

iOS 12 Patches Memory Bugs, Safari 12 Fixes Data Leaks

New CSS Attack Restarts an iPhone or Freezes a Mac

Chrome 69 for iOS Moved Navigation Bar to Bottom of Screen & Users are Unhappy

Apple's Safari Falls For New Address Bar Spoofing Trick

Apple Removes Top Security App For Stealing Data and Sending it to China