The customer requested a pen-test for this app, and they reported some issues related to buffer overflow and weak randomness functions. I reviewed the identified methods, but I couldn't find them in the code or third-party SDKs. We would like to know if you can review these methods to see if there is a possible solution or if you can guarantee that these functions are safe.
They say that they applied a reverse engineering tool and it showed that our app was compiled using these C/C++ functions that are considered unsafe.
The tool used is: Ghidra (https://ghidra-sre.org/)
These are the methods reported by the cyber security team:
Related to buffer overflow:
Related to weak randomness functions:
I see questions like this a lot. Honestly, I’m inclined to agree with endecotp’s advice (-: However, as this crops up again and again, I figured I should write up something more extensive.
The result of that effort is Security Audit Thoughts. Please read it through and then post back here if you have specific questions.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"