Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ethical Hacking: memcpy and strlen functions used on iOS platform marked as vulnerabilities #34

Open
diegofdospina opened this issue Sep 22, 2021 · 0 comments
Open

Ethical Hacking: memcpy and strlen functions used on iOS platform marked as vulnerabilities #34

diegofdospina opened this issue Sep 22, 2021 · 0 comments

Comments

@diegofdospina
Copy link

Greetings!
I create this issue to make a question about your plugin.

We got an hybrid app and we decided to use a plugin called iRoot for avoiding rooted devices to run our app, this was a
requirement by Ethical hacking testers. The customer is pretty interested in checking all kinds of vulnerabilities in order to
be mitigated. This time a report was made about that plugin because it uses some functions which are considered dangerous; Those are memcpy and strlen, located in this file:
https://github.com/mapsplugin/cordova-plugin-googlemaps/blob/master/src/ios/GoogleMaps/TBXML.m

The mapsplugin team recently tell us that TBXML.m belongs to this library so we would like to know if you could help us with our question: ¿Do you have control on those functions usage (memcpy and strlen)? because we been told that they could produce memory overleaks

Thanks.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@diegofdospina