代码问题:格式字符串不是字符串文字 [英] Issue With Code: Format string is not a string literal
问题描述
我在这行代码中遇到以下问题。
I am getting the following issue for this line of code.
格式字符串不是字符串文字(可能不安全)
"Format string is not a string literal (potentially insecure)"
NSLog([NSString stringWithFormat:@"%@", entered]);
有什么建议吗?
推荐答案
编译器希望我们为格式字符串( NSLog 的第一个参数)使用NSString常量,因为它阻止了一个相当着名的漏洞利用可能会违反安全性。例如,您可以更改您发布的代码,以保持编译器满意:
The compiler wants us to use an NSString constant for the format string (the first argument to NSLog) because it prevents a fairly well-known exploit that could potentially violate security. So for example, you could change the code you posted as follows to keep the compiler happy:
NSLog(@"%@", [NSString stringWithFormat:@"%@", entered]);
编辑
当然,上面的内容可以(而且应该)简单地写成如下:
And of course, the above could (and should) simply be written as follows:
NSLog(@"%@", entered);
安全漏洞的性质
不受控制的格式字符串 [1]是一种软件漏洞,在1999年左右发现
,可用于安全漏洞。
以前认为无害,格式字符串漏洞可用于
崩溃程序或执行有害代码。问题源于
使用未经检查的用户输入作为执行格式化的某些
C函数中的格式字符串参数,例如printf()。恶意
用户可以使用%s和%x格式令牌等来打印数据
来自堆栈或内存中可能的其他位置。也可以
使用%n格式令牌将任意数据写入任意位置,
命令printf()和类似函数,用于将
字节的数量写入存储在堆栈中的地址。
Uncontrolled format string[1] is a type of software vulnerability, discovered around 1999, that can be used in security exploits. Previously thought harmless, format string exploits can be used to crash a program or to execute harmful code. The problem stems from the use of unchecked user input as the format string parameter in certain C functions that perform formatting, such as
printf(). A malicious user may use the%sand%xformat tokens, among others, to print data from the stack or possibly other locations in memory. One may also write arbitrary data to arbitrary locations using the%nformat token, which commandsprintf()and similar functions to write the number of bytes formatted to an address stored on the stack.
一个典型的漏洞利用
使用这些技术的组合来强制程序覆盖
的库函数地址或者返回地址。使用指向某些恶意shellcode的指针堆栈
。
格式说明符的填充参数用于控制输出的字节数,
%x 标记用于从堆栈中弹出字节,直到到达格式字符串本身的
开头。格式字符串
的开头是精心设计的,以包含%n 格式标记然后
覆盖恶意代码地址的地址执行。
A typical exploit
uses a combination of these techniques to force a program to overwrite
the address of a library function or the return address on the stack
with a pointer to some malicious shellcode. The padding parameters to
format specifiers are used to control the number of bytes output and
the %x token is used to pop bytes from the stack until the beginning
of the format string itself is reached. The start of the format string
is crafted to contain the address that the %n format token can then
overwrite with the address of the malicious code to execute.
来源:维基百科不受控制的格式字符串
[1]: http://cwe.mitre.org/data/definitions/134.html CWE-134:不受控制的格式字符串。常见的弱点列举。 MITER。
[1]: http://cwe.mitre.org/data/definitions/134.html "CWE-134: Uncontrolled Format String". Common Weakness Enumeration. MITRE.
这篇关于代码问题:格式字符串不是字符串文字的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
