Post

Replies

Boosts

Views

Activity

The customer requested a pen-test for this app, and they reported some issues related to buffer overflow and weak randomness functions
The customer requested a pen-test for this app, and they reported some issues related to buffer overflow and weak randomness functions. I reviewed the identified methods, but I couldn't find them in the code or third-party SDKs. We would like to know if you can review these methods to see if there is a possible solution or if you can guarantee that these functions are safe. They say that they applied a reverse engineering tool and it delivered our app compiled using this c/c++ functions that are considered unsafe. The tool used is: Ghidra (https://ghidra-sre.org/) These are methods reported by Ciber security team: Related to buffer overflow: Related to weak randomness functions:
2
0
514
Jul ’24