search

Custodela / iGoat-Swift

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
https://igoatapp.com/
GNU General Public License v3.0
0 stars 0 forks source link

CX Unchecked_Return_Value @ iGoat-Swift/iGoat-Swift/ThirdParty/CocoaLumberjack/DDASLLogCapture.m [master] #88

Open tsunez opened 4 years ago

tsunez commented 4 years ago

Unchecked_Return_Value issue exists @ iGoat-Swift/iGoat-Swift/ThirdParty/CocoaLumberjack/DDASLLogCapture.m in branch master

The notify_register_dispatch method calls the snprintf function, at line 139 of iGoat-Swift\iGoat-Swift\ThirdParty\CocoaLumberjack\DDASLLogCapture.m. However, the code does not check the return value from this function, and thus would not detect runtime errors or other unexpected states.

Severity: Low

CWE:252

Vulnerability details and guidance

Checkmarx

Recommended Fix

Lines: 148 153 61

Code (Line #148):

                                             snprintf(stringValue, sizeof stringValue, "%llu", lastSeenID);

Code (Line #153):

                                             snprintf(stringValue, sizeof stringValue, "%llu", startTime);

Code (Line #61):

    sprintf(pid, "%d", processId);
tsunez commented 4 years ago

Issue still exists.

SUMMARY

Issue has 3 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)

tsunez commented 4 years ago

Issue still exists.

SUMMARY

Issue has 3 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)