I developed a Cordova application and it went through a security review. One of the findings was related to a plugin I use to make curl requests. The finding is graded as a High vulnerability. The finding is as follows:

Signed integer sizeof at line 143 of [some file] specifies size of memory to allocate.

#ifdef __LP64__
#define CURL_SIZEOF_LONG 8
#else
#define CURL_SIZEOF_LONG 4
#endif

#define CurlchkszEQ(t, s) sizeof(t) == s ? 1 : -1

typedef char
  __curl_rule_01__
    [CurlchkszEQ(long, CURL_SIZEOF_LONG)];

This is Objective-C code and I am not familiar with it. So my question is: what is this vulnerability and how do I fix it?
