CDVAssetLibraryFilesystem.m, CDVDevice.m and srp.h and many pods
Issue : Binary makes use of malloc function
CWE: CWE-789: UncontrolledMemory AllocationOWASP Top 10: M7: Client CodeQualityOWASP MASVS: MSTG-CODE-8
Security threat due to insecure function "malloc()"
From Apple’s perspective, malloc is no more insecure than any other code written in a C-based language. That is, it’s secure if you use it correctly but there are many subtle traps that can lead to security problems.
It sounds like you’re looking at the output of a security audit tool. I recommend that you discuss this issue with the tool’s vendor.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"