This repository was archived by the owner on Dec 14, 2023. It is now read-only.
This repository was archived by the owner on Dec 14, 2023. It is now read-only.
Security threat due to insecure functions "malloc" used in lecore.m file. #46
Description
Hi,
I am getting security threat in below code for lecore.m class https://github.com/LogentriesCommunity/le_ios/blob/master/lelib/lecore.m
occurrences of "malloc()" method which is an insecure function acc to security tool.
char local_buffer = malloc(length + 1);*
Below is the issue description and reference links from security team.
Issue description : Use of insecure functions/potential dangerous functions
Reference link: https://cwe.mitre.org/data/definitions/676.html
This would explain why SECURITY TEAM is recommending the change of these functions.
Please provide solution for this as soon as possible as it is very urgent.