Name: Address a few potential security issues (#5059) · firebase/firebase-ios-sdk@86189f7 · GitHub
Rating: 4.5 (7814 reviews)
firebase
diff --git a/‎Firebase/CoreDiagnostics/CHANGELOG.md
+6-1 b/‎Firebase/CoreDiagnostics/CHANGELOG.md
+6-1
diff --git a/‎Firebase/CoreDiagnostics/FIRCDLibrary/FIRCoreDiagnostics.m
+5-5 b/‎Firebase/CoreDiagnostics/FIRCDLibrary/FIRCoreDiagnostics.m
+5-5
diff --git a/‎GoogleDataTransportCCTSupport/CHANGELOG.md
+3 b/‎GoogleDataTransportCCTSupport/CHANGELOG.md
+3
diff --git a/‎GoogleDataTransportCCTSupport/GDTCCTLibrary/GDTCCTNanopbHelpers.m
+4-4 b/‎GoogleDataTransportCCTSupport/GDTCCTLibrary/GDTCCTNanopbHelpers.m
+4-4
diff --git a/‎GoogleDataTransportCCTSupport/GDTCCTLibrary/Private/GDTCCTNanopbHelpers.h
+5-5 b/‎GoogleDataTransportCCTSupport/GDTCCTLibrary/Private/GDTCCTNanopbHelpers.h
+5-5
@@ -1,5 +1,10 @@
-# v1.2.1
+# v1.2.3
+- Remove usage of memcpy and convert calls from malloc to calloc.
+
+# v1.2.2
 - Fixed a bug that would manifest if a proto ended up being > 16,320 bytes.
+
+# v1.2.2
 - Now checks the result of malloc. (#4872)
 
 # v1.2.0
 
@@ -220,7 +220,7 @@ + (NSString *)deviceModel {
 
 #pragma mark - nanopb helper functions
 
-/** Mallocs a pb_bytes_array and copies the given NSString's bytes into the bytes array.
+/** Callocs a pb_bytes_array and copies the given NSString's bytes into the bytes array.
  *
  * @note Memory needs to be free manually, through pb_free or pb_release.
  * @param string The string to encode as pb_bytes.
@@ -230,15 +230,15 @@ + (NSString *)deviceModel {
 returnFIREncodeData(stringBytes);
 }
 
-/** Mallocs a pb_bytes_array and copies the given NSData bytes into the bytes array.
+/** Callocs a pb_bytes_array and copies the given NSData bytes into the bytes array.
  *
  * @note Memory needs to be free manually, through pb_free or pb_release.
  * @param data The data to copy into the new bytes array.
 */
 pb_bytes_array_t *FIREncodeData(NSData *data) {
-pb_bytes_array_t *pbBytes = malloc(PB_BYTES_ARRAY_T_ALLOCSIZE(data.length));
+pb_bytes_array_t *pbBytes = calloc(PB_BYTES_ARRAY_T_ALLOCSIZE(data.length), 1);
 if (pbBytes != NULL) {
-memcpy(pbBytes->bytes, [data bytes], data.length);
+ [data getBytes:pbBytes range:NSMakeRange(0, data.length)];
  pbBytes->size = (pb_size_t)data.length;
  }
 return pbBytes;
@@ -510,7 +510,7 @@ void FIRPopulateProtoWithInstalledServices(logs_proto_mobilesdk_ios_ICoreConfigu
  }
 
  logs_proto_mobilesdk_ios_ICoreConfiguration_ServiceType *servicesInstalled =
-malloc(sizeof(logs_proto_mobilesdk_ios_ICoreConfiguration_ServiceType) *
+calloc(sizeof(logs_proto_mobilesdk_ios_ICoreConfiguration_ServiceType),
  sdkServiceInstalledArray.count);
 if (servicesInstalled == NULL) {
 return;
 
@@ -1,3 +1,6 @@
+# v2.0.1
+- Remove usage of memcpy and convert calls from malloc to calloc.
+
 # v2.0.0
 - Adds a sentinel value to GDTCOREvent's custom params to signal collection
 of current network info to be associated with some event. This is required
 
@@ -43,9 +43,9 @@
 }
 
 pb_bytes_array_t *GDTCCTEncodeData(NSData *data) {
-pb_bytes_array_t *pbBytes = malloc(PB_BYTES_ARRAY_T_ALLOCSIZE(data.length));
+pb_bytes_array_t *pbBytes = calloc(PB_BYTES_ARRAY_T_ALLOCSIZE(data.length), 1);
 if (pbBytes != NULL) {
-memcpy(pbBytes->bytes, [data bytes], data.length);
+ [data getBytes:pbBytes range:NSMakeRange(0, data.length)];
  pbBytes->size = (pb_size_t)data.length;
  }
 return pbBytes;
@@ -78,7 +78,7 @@ gdt_cct_BatchedLogRequest GDTCCTConstructBatchedLogRequest(
 NSDictionary<NSString *, NSSet<GDTCOREvent *> *> *logMappingIDToLogSet) {
  gdt_cct_BatchedLogRequest batchedLogRequest = gdt_cct_BatchedLogRequest_init_default;
 NSUInteger numberOfLogRequests = logMappingIDToLogSet.count;
- gdt_cct_LogRequest *logRequests = malloc(sizeof(gdt_cct_LogRequest) * numberOfLogRequests);
+ gdt_cct_LogRequest *logRequests = calloc(sizeof(gdt_cct_LogRequest), numberOfLogRequests);
 if (logRequests == NULL) {
 return batchedLogRequest;
  }
@@ -111,7 +111,7 @@ gdt_cct_LogRequest GDTCCTConstructLogRequest(int32_t logSource,
  logRequest.has_log_source = 1;
  logRequest.client_info = GDTCCTConstructClientInfo();
  logRequest.has_client_info = 1;
- logRequest.log_event = malloc(sizeof(gdt_cct_LogEvent) * logSet.count);
+ logRequest.log_event = calloc(sizeof(gdt_cct_LogEvent), logSet.count);
 if (logRequest.log_event == NULL) {
 return logRequest;
  }
 
@@ -37,7 +37,7 @@ FOUNDATION_EXPORT NSString *const GDTCCTNetworkConnectionInfo;
 
 /** Converts an NSString* to a pb_bytes_array_t*.
  *
- * @note malloc is called in this method. Ensure that pb_release is called on this or the parent.
+ * @note calloc is called in this method. Ensure that pb_release is called on this or the parent.
  *
  * @param string The string to convert.
  * @return A newly allocated array of bytes representing the UTF8 encoding of the string.
@@ -46,7 +46,7 @@ pb_bytes_array_t *GDTCCTEncodeString(NSString *string);
 
 /** Converts an NSData to a pb_bytes_array_t*.
  *
- * @note malloc is called in this method. Ensure that pb_release is called on this or the parent.
+ * @note calloc is called in this method. Ensure that pb_release is called on this or the parent.
  *
  * @param data The data to convert.
  * @return A newly allocated array of bytes with [data bytes] copied into it.
@@ -67,7 +67,7 @@ NSData *GDTCCTEncodeBatchedLogRequest(gdt_cct_BatchedLogRequest *batchedLogReque
 
 /** Constructs a gdt_cct_BatchedLogRequest given sets of events segemented by mapping ID.
  *
- * @note malloc is called in this method. Ensure that pb_release is called on this or the parent.
+ * @note calloc is called in this method. Ensure that pb_release is called on this or the parent.
  *
  * @param logMappingIDToLogSet A map of mapping IDs to sets of events to convert into a batch.
  * @return A newly created gdt_cct_BatchedLogRequest.
@@ -78,7 +78,7 @@ gdt_cct_BatchedLogRequest GDTCCTConstructBatchedLogRequest(
 
 /** Constructs a log request given a log source and a set of events.
  *
- * @note malloc is called in this method. Ensure that pb_release is called on this or the parent.
+ * @note calloc is called in this method. Ensure that pb_release is called on this or the parent.
  * @param logSource The CCT log source to put into the log request.
  * @param logSet The set of events to send in this log request.
 */
@@ -126,7 +126,7 @@ gdt_cct_NetworkConnectionInfo_MobileSubtype GDTCCTNetworkConnectionInfoNetworkMo
 
 /** Decodes a gdt_cct_LogResponse given proto bytes.
  *
- * @note malloc is called in this method. Ensure that pb_release is called on the return value.
+ * @note calloc is called in this method. Ensure that pb_release is called on the return value.
  *
  * @param data The proto bytes of the gdt_cct_LogResponse.
  * @param error An error that will be populated if something went wrong during decoding.
Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ FOUNDATION_EXPORT NSString *const GDTCCTNetworkConnectionInfo;`
`37`	`37`
`38`	`38`	`/** Converts an NSString* to a pb_bytes_array_t*.`
`39`	`39`	`*`
`40`		`- * @note malloc is called in this method. Ensure that pb_release is called on this or the parent.`
	`40`	`+ * @note calloc is called in this method. Ensure that pb_release is called on this or the parent.`
`41`	`41`	`*`
`42`	`42`	`* @param string The string to convert.`
`43`	`43`	`* @return A newly allocated array of bytes representing the UTF8 encoding of the string.`
`@@ -46,7 +46,7 @@ pb_bytes_array_t GDTCCTEncodeString(NSString string);`
`46`	`46`
`47`	`47`	`/** Converts an NSData to a pb_bytes_array_t*.`
`48`	`48`	`*`
`49`		`- * @note malloc is called in this method. Ensure that pb_release is called on this or the parent.`
	`49`	`+ * @note calloc is called in this method. Ensure that pb_release is called on this or the parent.`
`50`	`50`	`*`
`51`	`51`	`* @param data The data to convert.`
`52`	`52`	`* @return A newly allocated array of bytes with [data bytes] copied into it.`
`@@ -67,7 +67,7 @@ NSData GDTCCTEncodeBatchedLogRequest(gdt_cct_BatchedLogRequest batchedLogReque`
`67`	`67`
`68`	`68`	`/** Constructs a gdt_cct_BatchedLogRequest given sets of events segemented by mapping ID.`
`69`	`69`	`*`
`70`		`- * @note malloc is called in this method. Ensure that pb_release is called on this or the parent.`
	`70`	`+ * @note calloc is called in this method. Ensure that pb_release is called on this or the parent.`
`71`	`71`	`*`
`72`	`72`	`* @param logMappingIDToLogSet A map of mapping IDs to sets of events to convert into a batch.`
`73`	`73`	`* @return A newly created gdt_cct_BatchedLogRequest.`
`@@ -78,7 +78,7 @@ gdt_cct_BatchedLogRequest GDTCCTConstructBatchedLogRequest(`
`78`	`78`
`79`	`79`	`/** Constructs a log request given a log source and a set of events.`
`80`	`80`	`*`
`81`		`- * @note malloc is called in this method. Ensure that pb_release is called on this or the parent.`
	`81`	`+ * @note calloc is called in this method. Ensure that pb_release is called on this or the parent.`
`82`	`82`	`* @param logSource The CCT log source to put into the log request.`
`83`	`83`	`* @param logSet The set of events to send in this log request.`
`84`	`84`	`*/`
`@@ -126,7 +126,7 @@ gdt_cct_NetworkConnectionInfo_MobileSubtype GDTCCTNetworkConnectionInfoNetworkMo`
`126`	`126`
`127`	`127`	`/** Decodes a gdt_cct_LogResponse given proto bytes.`
`128`	`128`	`*`
`129`		`- * @note malloc is called in this method. Ensure that pb_release is called on the return value.`
	`129`	`+ * @note calloc is called in this method. Ensure that pb_release is called on the return value.`
`130`	`130`	`*`
`131`	`131`	`* @param data The proto bytes of the gdt_cct_LogResponse.`
`132`	`132`	`* @param error An error that will be populated if something went wrong during decoding.`