用例名称
不安全接口检测
风险编号
CWE-227
风险描述
使用禁用的接口,将可能导致审核被拒,项目上线时间延期,另外使用私有API会导致程序异常,因为私有API(private framework)是Apple未发布的不够成熟、可能还会变动的API,使用未发布的API可能造成在Apple升级软件时应用程序代码被损坏,用户对自己的手机进行升级后,程序可能无法使用。
检测过程
1、对被测系统客户端安装包进行测试预处理。
2、基于深度静态检测技术进行逆向分析。
3、进行词法、语法、控制流、数据流和污点分析等技术对程序文件进行扫描,依据漏洞特征,主动探测分析外部引用情况,发现存在不安全接口。
相关文件名:
Mach-O File
风险接口:
0x0000000100b3ec38 450 _DNSServiceRefDeallocate
0x0000000100b3f0dc 855 __ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEPKc
0x0000000100b3f154 867 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE5eraseEmm
0x0000000100b3f160 868 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKc
0x0000000100b3f16c 869 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKcm
0x0000000100b3f178 870 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6assignEPKc
0x0000000100b3f184 871 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6resizeEmc
0x0000000100b3f190 872 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7reserveEm
0x0000000100b3f19c 873 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9push_backEc
0x0000000100b3f1a8 874 _ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5
0x0000000100b3f1b4 875 _ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_mmRKS4
0x0000000100b3f1c0 876 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEED1Ev
0x0000000100b3f1cc 877 _ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEaSERKS5
0x0000000100b3f40c 966 ___cxa_allocate_exception
0x0000000100b3f4cc 984 ___memcpy_chk
0x0000000100b3f4fc 989 ___sprintf_chk
0x0000000100b3f514 993 ___strcpy_chk
0x0000000100b3f550 998 ___vsprintf_chk
0x0000000100b3f5d4 1017 _asprintf
0x0000000100b3fa6c 1116 _fprintf
0x0000000100b3fb98 1144 _getsockname
0x0000000100b40264 1430 _memcpy
0x0000000100b40324 1448 _objc_allocateClassPair
0x0000000100b405dc 1510 _printf
0x0000000100b4069c 1527 _pthread_getspecific
0x0000000100b408dc 1576 _snprintf
0x0000000100b408f4 1578 _sprintf
0x0000000100b40bd0 1639 _sscanf
0x0000000100b40bf4 1642 _strcat
0x0000000100b40c18 1645 _strcpy
0x0000000100b40c48 1649 _strlen
0x0000000100b40c60 1651 _strncpy
0x0000000100b40c9c 1656 _strtok
0x0000000100b40e04 1686 _vm_deallocate
0x0000000100b40e10 1687 _vsnprintf
0x0000000100b40e1c 1688 _vsprintf
0x0000000100b40e28 1689 _wcscpy
0x0000000100b40e34 1690 _wcslen
0x0000000100d757b8 1448 _objc_allocateClassPair
0x0000000100d76388 450 _DNSServiceRefDeallocate
0x0000000100d766a0 855 __ZNKSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7compareEPKc
0x0000000100d766f0 867 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE5eraseEmm
0x0000000100d766f8 868 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKc
0x0000000100d76700 869 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6appendEPKcm
0x0000000100d76708 870 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6assignEPKc
0x0000000100d76710 871 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6resizeEmc
0x0000000100d76718 872 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE7reserveEm
0x0000000100d76720 873 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE9push_backEc
0x0000000100d76728 874 _ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5
0x0000000100d76730 875 _ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEC1ERKS5_mmRKS4
0x0000000100d76738 876 __ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEED1Ev
0x0000000100d76740 877 _ZNSt3__112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEEaSERKS5
0x0000000100d768c0 966 ___cxa_allocate_exception
0x0000000100d76940 984 ___memcpy_chk
0x0000000100d76960 989 ___sprintf_chk
0x0000000100d76970 993 ___strcpy_chk
0x0000000100d76998 998 ___vsprintf_chk
0x0000000100d769f0 1017 _asprintf
0x0000000100d76d00 1116 _fprintf
0x0000000100d76dc8 1144 _getsockname
0x0000000100d77250 1430 _memcpy
0x0000000100d772d0 1448 _objc_allocateClassPair
0x0000000100d774a0 1510 _printf
0x0000000100d77520 1527 _pthread_getspecific
0x0000000100d776a0 1576 _snprintf
0x0000000100d776b0 1578 _sprintf
0x0000000100d77898 1639 _sscanf
0x0000000100d778b0 1642 _strcat
0x0000000100d778c8 1645 _strcpy
0x0000000100d778e8 1649 _strlen
0x0000000100d778f8 1651 _strncpy
0x0000000100d77920 1656 _strtok
0x0000000100d77a10 1686 _vm_deallocate
0x0000000100d77a18 1687 _vsnprintf
0x0000000100d77a20 1688 _vsprintf
0x0000000100d77a28 1689 _wcscpy
0x0000000100d77a30 1690 _wcslen
iOS的污点分析是怎么做的?
搜符号表呗