{
	"id": "91950",
	"key": "TIMOB-9167",
	"fields": {
		"issuetype": {
			"id": "7",
			"description": "gh.issue.story.desc",
			"name": "Story",
			"subtask": false
		},
		"project": {
			"id": "10153",
			"key": "TIMOB",
			"name": "Titanium SDK/CLI",
			"projectCategory": {
				"id": "10100",
				"description": "Titanium and related SDKs used in application development",
				"name": "Client"
			}
		},
		"fixVersions": [
			{
				"id": "13271",
				"description": "Release 2.1.0",
				"name": "Release 2.1.0",
				"archived": false,
				"released": true,
				"releaseDate": "2012-06-29"
			},
			{
				"id": "13406",
				"description": "Sprint 2012-10 API",
				"name": "Sprint 2012-10 API",
				"archived": true,
				"released": true,
				"releaseDate": "2012-05-20"
			}
		],
		"resolution": {
			"id": "1",
			"description": "A fix for this issue is checked into the tree and tested.",
			"name": "Fixed"
		},
		"resolutiondate": "2012-05-21T15:24:00.000+0000",
		"created": "2012-05-17T13:17:53.000+0000",
		"priority": {
			"name": "High",
			"id": "2"
		},
		"labels": [
			"core"
		],
		"versions": [
			{
				"id": "13272",
				"description": "Release 2.0.1",
				"name": "Release 2.0.1",
				"archived": true,
				"released": true,
				"releaseDate": "2012-04-16"
			}
		],
		"issuelinks": [],
		"assignee": {
			"name": "ingo",
			"key": "ingo",
			"displayName": "Ingo Muschenetz",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"updated": "2014-02-04T01:09:17.000+0000",
		"status": {
			"description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.",
			"name": "Closed",
			"id": "6",
			"statusCategory": {
				"id": 3,
				"key": "done",
				"colorName": "green",
				"name": "Done"
			}
		},
		"components": [
			{
				"id": "10206",
				"name": "iOS",
				"description": "iOS Platform"
			}
		],
		"description": "An analysis was performed, and checking for the possibility malloc producing a NULL value is not being done. In the majority of cases, these allocations are small constant sizes (such as the size of an internet address structure) and do not need checks (The iOS watchdog would be shutting things down long beforehand). However, I did note a few places where such checks may be of use:\r\n\r\n* AsyncUdpSocket.m uses a DEFAULT_MAX_RECEIVE_BUFFER_SIZE of 9KB.\r\n* AudioStreamer relies on getting a value from iOS for the size of the buffer to allocate.\r\n* NSData * decode64 (NSData * thedata) may be dealing with base64 encodings of binary blobs in the multi-kilobytes.\r\n* -\\[TiDataStream writeToStream:chunkSize:callback:\\] and -\\[TiDataStream pumpToCallback:chunkSize:synch:\\] does not check the sign or value of size before using it in a malloc, nor does its subclass TiFilesystemStreamProxy.\r\n* TiNetworkTCPSocketProxy uses a bufferSize of 4KB.\r\n* TiUIWebView and UtilsModule, when preparing to Base64Encode, do not check the malloc caused by an estimated encoded data size.",
		"attachment": [],
		"flagged": false,
		"summary": "iOS: Range and sanity check memory allocations via malloc that would reasonably be over 2KB.",
		"creator": {
			"name": "blainhamon",
			"key": "blainhamon",
			"displayName": "Blain Hamon",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"subtasks": [],
		"reporter": {
			"name": "ingo",
			"key": "ingo",
			"displayName": "Ingo Muschenetz",
			"active": true,
			"timeZone": "America/Los_Angeles"
		},
		"environment": null,
		"comment": {
			"comments": [],
			"maxResults": 0,
			"total": 0,
			"startAt": 0
		}
	}
}