How to fix MobSF - iOS Vulnerabilities (Xamarin Forms)

Nikhil Chaudhary 0 Reputation points
2024-02-05T09:00:25.0333333+00:00

How can I address the below iOS vulnerabilities (Xamarin Forms), which are reported by the MobSF tool?

  1. Binary makes use of insecure API(s) --> The binary may contain the following insecure API(s): _sscanf, _chmod, _strcat, _strcpy, _printf, _strncpy, _vsnprintf, _vsprintf, _memcpy, _strlen, _sprintf, _fopen, _stat.
  2. Binary makes use of the insecure Random function(s) --> The binary may use the following insecure Random function(s): _random.
  3. Binary makes use of malloc function --> The binary may use _malloc function instead of calloc.

The app is developed using Xamarin Forms. To resolve the above vulnerabilities, I tried searching for these functions in my application, but I was not able to find them. I am not using any random functions either. This link says it's a false positive: https://github.com/xamarin/xamarin-macios/issues/12612

I tried the steps below to resolve this:

  1. Searched my solution for any use of a Random function, but we're not using one.
  2. We are also not making any insecure API calls.
  3. Not using any malloc functions either.
  4. Used ReSharper to decompile the DLLs and searched there as well.