Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Insecure API when using in React Native iOS app #889

Open
duynpc opened this issue Jan 31, 2023 · 0 comments
Open

Insecure API when using in React Native iOS app #889

duynpc opened this issue Jan 31, 2023 · 0 comments

Comments

@duynpc
Copy link

duynpc commented Jan 31, 2023

There are some insecure APIs that exists in this repository that Apple considered insecure and recommended not using:
https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/Articles/BufferOverflows.html#//apple_ref/doc/uid/TP40002577-SW1

These are reported when using Mobile Security Framework (https://github.com/MobSF/Mobile-Security-Framework-MobSF) to scan the IPA.

strcpy:

strncpy:

strncat:

I understand that the use of these function does not definitely leads to security issues, but I want to bring this to your attention, and check if these are safe to use within our application.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants