[TIMOB-9167] iOS: Range and sanity check memory allocations via malloc that would reasonably be over 2KB.
GitHub Issue | n/a |
---|---|
Type | Story |
Priority | High |
Status | Closed |
Resolution | Fixed |
Resolution Date | 2012-05-21T15:24:00.000+0000 |
Affected Version/s | Release 2.0.1 |
Fix Version/s | Release 2.1.0, Sprint 2012-10 API |
Components | iOS |
Labels | core |
Reporter | Ingo Muschenetz |
Assignee | Ingo Muschenetz |
Created | 2012-05-17T13:17:53.000+0000 |
Updated | 2014-02-04T01:09:17.000+0000 |
Description
An analysis was performed, and checking for the possibility malloc producing a NULL value is not being done. In the majority of cases, these allocations are small constant sizes (such as the size of an internet address structure) and do not need checks (The iOS watchdog would be shutting things down long beforehand). However, I did note a few places where such checks may be of use:
* AsyncUdpSocket.m uses a DEFAULT_MAX_RECEIVE_BUFFER_SIZE of 9KB.
* AudioStreamer relies on getting a value from iOS for the size of the buffer to allocate.
* NSData * decode64 (NSData * thedata) may be dealing with base64 encodings of binary blobs in the multi-kilobytes.
* -\[TiDataStream writeToStream:chunkSize:callback:\] and -\[TiDataStream pumpToCallback:chunkSize:synch:\] does not check the sign or value of size before using it in a malloc, nor does its subclass TiFilesystemStreamProxy.
* TiNetworkTCPSocketProxy uses a bufferSize of 4KB.
* TiUIWebView and UtilsModule, when preparing to Base64Encode, do not check the malloc caused by an estimated encoded data size.
No comments