You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is a Security Issue in our app due to the usage of NSCoding in this plugin.
Problem:
NSCoding is an Objective-C protocol designed to allow serialization and deserialization of code objects. However, this protocol does not verify the type of object upon deserialization. Thus, it is vulnerable to object substitution attacks. A maliciously crafted payload that is deserialized via the NSCoding protocol can result in attacker-controlled code being executed. Apple provides the NSSecureCoding protocol which is robust against this type of attack. NSSecureCoding protects against object substitution attacks by requiring the programmer to declare the expected type of object before deserialization completes. Thus, if an invalid object is deserialized, the error can be handled safely.
The NSKeyedArchiver or NSKeyedUnarchiver methods used by the App are insecure because they are incompatible with the NSSecureCoding protocol. An attacker-controlled payload that is deserialized via these APIs may result in attacker-controlled code being executed.
Recommendation:
Locate all the classes in the App that conform to NSCoding and migrate them to NSSecureCoding.
Also, replace the insecure usages of NSKeyedArchiver and NSKeyedUnarchiver with the secure APIs that perform error handling and validate the expected type of the deserialized objects.
You can utilize Xcode's built-in search function to locate these classes in the App's project. Searching for "NSCoding" will reveal everything that conforms to the vulnerable protocol. Additionally, ensure all input data is validated before it is used, especially when dealing with data that becomes executable. You can read more about NSSecureCoding on NSHipster.
The text was updated successfully, but these errors were encountered:
There is a Security Issue in our app due to the usage of NSCoding in this plugin.
Problem:
NSCoding is an Objective-C protocol designed to allow serialization and deserialization of code objects. However, this protocol does not verify the type of object upon deserialization. Thus, it is vulnerable to object substitution attacks. A maliciously crafted payload that is deserialized via the NSCoding protocol can result in attacker-controlled code being executed. Apple provides the NSSecureCoding protocol which is robust against this type of attack. NSSecureCoding protects against object substitution attacks by requiring the programmer to declare the expected type of object before deserialization completes. Thus, if an invalid object is deserialized, the error can be handled safely.
The NSKeyedArchiver or NSKeyedUnarchiver methods used by the App are insecure because they are incompatible with the NSSecureCoding protocol. An attacker-controlled payload that is deserialized via these APIs may result in attacker-controlled code being executed.
Recommendation:
Locate all the classes in the App that conform to NSCoding and migrate them to NSSecureCoding.
Also, replace the insecure usages of NSKeyedArchiver and NSKeyedUnarchiver with the secure APIs that perform error handling and validate the expected type of the deserialized objects.
You can utilize Xcode's built-in search function to locate these classes in the App's project. Searching for "NSCoding" will reveal everything that conforms to the vulnerable protocol. Additionally, ensure all input data is validated before it is used, especially when dealing with data that becomes executable. You can read more about NSSecureCoding on NSHipster.
The text was updated successfully, but these errors were encountered: