The customer requested a pen-test for this app, and they reported some issues related to buffer overflow and weak randomness functions. I reviewed the identified methods, but I couldn't find them in the code or third-party SDKs. We would like to know if you can review these methods to see if there is a possible solution or if you can guarantee that these functions are safe.
They say that they applied a reverse engineering tool and it delivered our app compiled using this c/c++ functions that are considered unsafe.
The tool used is: Ghidra (https://ghidra-sre.org/)
These are methods reported by Ciber security team:
Related to buffer overflow:
Related to weak randomness functions:
Ivan-Cardona
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution