lcimeni / chase

0 stars 0 forks source link

NowSecure static analysis: Not Using Built-in Binary Protection (ARC) Exposes Components to Memory Corruption Attacks #22

Open lcimeni opened 2 years ago

lcimeni commented 2 years ago

Finding Description

Libraries found in the app were not compiled using ARC, a free feature of Objective-C and Swift. One thing to note: it is possible that an included binary does not have these protections and it is possible that a third party would have to correct the problem. Enabling it has no discernible downsides, and prevents memory corruption attacks such as object-use-after-free exploits. If those exploits are possible, attackers can potentially gain access to a wide variety of information and access with potentially severe consequences.

Steps to Reproduce

This check examines the compiled binary for libraries that do not have Automatic Reference Counting (ARC) enabled.

Business Impact

This app has components that do not protect against a specific type of attack that can expose the app to an attacker performing custom actions. These custom actions could potentially give them access to sensitive information from the app or the device.

Remediation Resources

All newer apps will have ARC enabled by default. However, if it has become disabled you can go to the Build Settings for the App and make sure that "Objective-C Automatic Reference Counting" is set to YES. It may be necessary to migrate existing projects to ARC with the Refactoring tool provided by Apple in Xcode that helps the developer in the process. This will enable automatic memory management in your app as described in the iOS Developer Library.

Risk and Regulatory Information

Severity: low CVSS: 1.6

Application

See more detail in the NowSecure Report