compilation flags stack-protector-all and fbojc-arc
24 views
Skip to first unread message
ahmed talbi
Oct 19, 2020, 7:56:23 AM10/19/20
to CodenameOne Discussions
Hi All,
We are looking for a way to add compilation flags stack-protector-all and fbojc-arc for iOS projects in Codename One.
Best regards
Shai Almog
Oct 19, 2020, 9:49:20 PM10/19/20
to CodenameOne Discussions
Hi,
why do you need those?
I don't think they play well with our VM.
ahmed talbi
Oct 20, 2020, 5:40:03 AM10/20/20
to CodenameOne Discussions
Hi,
thank you for your reply.
thank you for your reply.
We have a security audit on our iOS application and they detected a vulnerability related to those flags.
https://cwe.mitre.org/data/definitions/199.htmlShai Almog
Oct 20, 2020, 9:26:03 PM10/20/20
to CodenameOne Discussions
Hi,
Java already provides bound arrays and GC both of which remove the need for these flags. So user code is 100% secure in Codename One without these flags.
Our native layer is written in C (not Objective-C) which is less susceptible to blind attacks and isn't impacted by ARC anyway.
So this CWE doesn't really apply to Codename One code.
ahmed talbi
Oct 22, 2020, 12:52:17 PM10/22/20
to codenameone...@googlegroups.com
ok, thank you for your reply.
--
You received this message because you are subscribed to the Google Groups "CodenameOne Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to codenameone-discu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/codenameone-discussions/04d166b8-9c07-4cab-b05e-75878a980bf2n%40googlegroups.com.
Ahmed TALBI
Software Engineer
Department of Computer Science
Faculty of Sciences & Technologies Mohammadia
Phone : + (212) 661 409 736
Reply all
Reply to author
Forward
0 new messages