The iPhone bug has to do with telling the phone there is a certain amount of data, and then not sending it as much as you said you would. The function that reads the data starts returning -1 to indicate an error, but the other parts of the program don’t check for this error and actually think the -1 is data from the message.

via Exclusive Interview: Hacking The iPhone Through SMS : Introduction – Review Tom’s Hardware.

Always interesting to see the anatomy of a hack.