CX Functions_Apple_Recommends_To_Avoid @ iGoat-Swift/iGoat-Swift/ThirdParty/CocoaLumberjack/DDLog.m [master]

Custodela / iGoat-Swift

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS

https://igoatapp.com/

GNU General Public License v3.0

0 stars 0 forks source link

CX Functions_Apple_Recommends_To_Avoid @ iGoat-Swift/iGoat-Swift/ThirdParty/CocoaLumberjack/DDLog.m [master] #82

Open tsunez opened 4 years ago

tsunez commented 4 years ago

Functions_Apple_Recommends_To_Avoid issue exists @ iGoat-Swift/iGoat-Swift/ThirdParty/CocoaLumberjack/DDLog.m in branch master

The code in iGoat-Swift\iGoat-Swift\ThirdParty\CocoaLumberjack\DDLog.m at line 886 makes a call to the dangerous function dd_str_copy, whose use is discouraged by Apple.*

Severity: Low

CWE:937

Vulnerability details and guidance

Checkmarx

Recommended Fix

Lines: 893

Code (Line #893):

    strncpy(result, str, length);

tsunez commented 4 years ago

Issue still exists.

SUMMARY

Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

tsunez commented 4 years ago

Issue still exists.

SUMMARY

Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)