Hi,
https://opensource.apple.com/source/HTTPServer/HTTPServer-11/CocoaHTTPServer/Vendor/CocoaAsyncSocket/GCDAsyncSocket.m.auto.html
I am getting security threat in GCDAsyncSocket.m class file
There is occurrences of malloc() function which is an insecure function acc to security tool.
preBuffer = malloc(preBufferSize);
Below is the issue description and reference links from security team.
Issue description : Use of insecure functions/potential dangerous functions
Reference links: CWE-676: Use of Potentially Dangerous Function
CWE-789 - Uncontrolled Memory Allocation
This would explain why SECURITY TEAM is recommending the change of these functions.
Please provide solution for this as soon as possible as it is very urgent.
Thanks and Regards,
Priya Mehndiratta
https://opensource.apple.com/source/HTTPServer/HTTPServer-11/CocoaHTTPServer/Vendor/CocoaAsyncSocket/GCDAsyncSocket.m.auto.html
I am getting security threat in GCDAsyncSocket.m class file
There is occurrences of malloc() function which is an insecure function acc to security tool.
preBuffer = malloc(preBufferSize);
Below is the issue description and reference links from security team.
Issue description : Use of insecure functions/potential dangerous functions
Reference links: CWE-676: Use of Potentially Dangerous Function
CWE-789 - Uncontrolled Memory Allocation
This would explain why SECURITY TEAM is recommending the change of these functions.
Please provide solution for this as soon as possible as it is very urgent.
Thanks and Regards,
Priya Mehndiratta