How to address the security concern of having an NSException format use a non-string literal

Problem description

I'm using mailcore2 which is all block based. Typically they define an operation like so

SomeMailCoreOp *op = [session getOp];
[op start:^(NSError* error, id result) {
    if (error) {
        // handle error code            
    }    
}];

So what I wanted to do is basically simply throw an NSException every time an error is encountered.. so that I can catch it somewhere else in my code base.. So I created a category for NSError:

@implementation NSError (Addons)

-(NSString *)description {
    return [NSString stringWithFormat:@"%@ - %@",
            [self localizedDescription], [self localizedFailureReason]];        
}
@end

and this is how I would like to typically handle errors:

SomeMailCoreOp *op = [session getOp];
[op start:^(NSError* error, id result) {
    if (error) {
        [NSException raise:@"failure" format:[error description]];            
    }    
}];

I thought this makes sense since in the documentation for NSException they got this for format:

format: A human-readable message string (that is, the exception reason) with conversion specifications for the variable arguments that follow.

yet I always get this compiler warning when I do the above:

format string is not a string literal (potentially insecure)

how do I get around this?

Solution

format is a format string, like in NSLog() or [NSString stringWithFormat:]. In your case

[NSException raise:@"failure" format:@"%@", [error description]];

will not produce the warning. Have a look at the Apple Docs for formatting string objects for more information.

For more information on why having a non-literal string as the format is insecure, see Uncontrolled format string on Wikipedia.

Note that Apple discourages the use of Exceptions for flow-control:

From Cocoa Core Competencies:

Although exceptions are commonly used in many programming environments to control programming flow or to signify errors, do not use exceptions in this way in Cocoa and Cocoa Touch applications. Instead, you should use the return value of a method or function to indicate that an error has occurred, and provide information about the problem in an error object.

From Dealing with Errors:

If you’re coming from other platforms and languages, you may be used to working with exceptions for the majority of error handling. When you’re writing code with Objective-C, exceptions are used solely for programmer errors, like out-of-bounds array access or invalid method arguments. These are the problems that you should find and fix during testing before you ship your app.
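The answer's point, shown as an added example that is not code from the question, the answer or mailcore2. It is written in plain C because the format: argument of NSException follows the same printf-style conversion rules (with %@ added on top), so the mechanics are identical: the untrusted error text is placed in the format slot, beside the hardened form that passes it as data, plus a small audit helper that counts the directives an untrusted string would trigger. The kSecretNearby value and the two sample error messages are constructed for the demo; the single extra argument passed by format_unsafe only models whatever happens to sit in the argument registers or on the stack at a real call site, so that the demo has defined behaviour.

```c
#include <stdio.h>
#include <string.h>

/*
 * Stand-in for whatever the caller happens to have in the argument
 * registers or on the stack at the call site: data the formatting routine
 * was never meant to read. Constructed for this demo.
 */
static const unsigned long kSecretNearby = 0xdeadbeefUL;

/*
 * VULNERABLE: the untrusted text is used as the format string, which is what
 * [NSException raise:@"failure" format:[error description]] amounts to.
 * Every % directive in the text is honoured and consumes an argument the
 * caller never intended to hand over. The one extra argument here only
 * models that nearby data so the demo has defined behaviour; the real call
 * passes none, and a "%s" in the text would typically crash the process.
 */
const char *format_unsafe(const char *untrusted)
{
    static char out[256];
    snprintf(out, sizeof out, untrusted, kSecretNearby);
    return out;
}

/*
 * SAFE: the format is a literal with a single slot and the untrusted text is
 * passed as data. This is the C equivalent of
 * [NSException raise:@"failure" format:@"%@", [error description]].
 */
const char *format_safe(const char *untrusted)
{
    static char out[256];
    snprintf(out, sizeof out, "%s", untrusted);
    return out;
}

/*
 * Audit helper: how many conversion directives would this text trigger if it
 * were used as a format? "%%" is a literal percent and does not count. A
 * non-zero result for text that came from outside the process is exactly the
 * condition the compiler warning is trying to flag.
 */
size_t count_directives(const char *s)
{
    size_t n = 0;
    for (; *s != '\0'; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {   /* escaped percent: skip both characters */
            s++;
            continue;
        }
        n++;                 /* a dangling trailing '%' still counts */
    }
    return n;
}

int main(void)
{
    /* Constructed "error descriptions": the second looks like an innocent
       server message but smuggles a %lx directive into the format slot. */
    const char *benign = "IMAP login failed: quota 100%% used";
    const char *hostile = "IMAP login failed: %lx";

    printf("unsafe: %s\n", format_unsafe(benign));   /* "%%" collapses to "%" */
    printf("safe:   %s\n", format_safe(benign));     /* text reproduced verbatim */
    printf("unsafe: %s\n", format_unsafe(hostile));  /* leaks the nearby value */
    printf("safe:   %s\n", format_safe(hostile));    /* prints the literal %lx */
    printf("directives in hostile text: %zu\n", count_directives(hostile));
    return 0;
}
```

Building with -Wformat -Wformat-security -Wformat-nonliteral (clang and gcc) flags format_unsafe with the same "format string is not a string literal" class of warning the question reports from Xcode, while format_safe compiles clean; the fix is the one-character change from passing the text as the format to passing it as the argument of a literal format.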
