Skip to content

Insecure API when using in React Native iOS app #889

Open

Description

There are some insecure APIs that exists in this repository that Apple considered insecure and recommended not using:
https://developer.apple.com/library/archive/documentation/Security/Conceptual/SecureCodingGuide/Articles/BufferOverflows.html#//apple_ref/doc/uid/TP40002577-SW1

These are reported when using Mobile Security Framework (https://github.com/MobSF/Mobile-Security-Framework-MobSF) to scan the IPA.

strcpy:

strncpy:

strncat:

I understand that the use of these function does not definitely leads to security issues, but I want to bring this to your attention, and check if these are safe to use within our application.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions