发表新帖
发表新帖

Why is my string potentially unsecure in my iOS application?

后端 未结
关注
3 1119
灰色年华
灰色年华 2020-12-04 02:02

I am initializing a mutable string and then logging it as follows.

NSMutableString* mStr = [[NSMutableString alloc] init];
mStr = (NSMutableString*) someText
相关标签:
3条回答
  • 后悔当初
    2020-12-04 02:10

    The mStr you're passing is used for formatting. If this string comes from an untrusted source, it can be used to exploit your program if an attacker provides some input that is correctly written.

    You should modify your code to:

    NSLog(@"%@", (NSString *) mStr);

    This way, no matter what content is stored in mStr, it cannot be used by an attacker to exploit your program.

    This is a serious security issue; from my local archive of the CVE database, I counted 520 instances of format string vulnerabilities between 1999 and early 2012.

    0 讨论(0)
  • 庸人自扰
    2020-12-04 02:12

    Well, there are a few problems here.

    The first one (and not the one that you asked about) is that you are allocating a new NSMutableString and then simply throwing it away in the second line when you set it to someTextFieldIbOutlet.text. Also, you are casting a non-mutable string to a mutable one which won't actually work. Instead, combine the first two lines like this:

    NSMutableString* mStr = [NSMutableString stringWithString:someTextFieldIbOutlet.text];

    The actual error that you are getting is caused because the first argument to NSLog is supposed to be the "format" string which tells NSLog how you want to format the data that follows in later arguments. This should be a literal string (created like @"this is a literal string") so that it can not be used to exploit your program by making changes to it.

    Instead, use this:

    NSLog(@"%@", mStr );

    In this case, the format string is @"%@" which means "Create a NSString object set to %@". %@ means that the next argument is an object, and to replace %@ with the object's description (which in this case is the value of the string).

    0 讨论(0)
  • 死守一世寂寞
    2020-12-04 02:34

    If mStr was set to something like %@, NSLog would try to load an object argument, fail, and probably crash badly. There are other format strings which can also cause havoc.

    If you need to just log a string without any marker text, use:

    NSLog(@"%@", mStr);
    0 讨论(0)
 看不清?
提交回复
热议问题