VeraCode issue in FABByteUtility.m

[security-v]

[REQUIRED] Step 1: Describe your environment

• Xcode version: 11.3
• Firebase SDK version: 6.13.0
• Firebase Component: Fabric (Auth, Core, Database, Firestore, Messaging, Storage, etc)
• Component version: 1.10.2
• Installation method: CocoaPods

[REQUIRED] Step 2: Describe the problem

Steps to reproduce:

VeraCode has found a low severity issues in Fabric/Base/Fabric/Settings/Utilities/FABByteUtility.m , called "Unchecked error condition " and "Use after Free".
Unchecked error condition issue states that return value from malloc() is not been checked before been used in subsequent call.
Use after free issue states that variable reference occurs after its memory allocation has been freed.

Relevant Code:

Unchecked error condition

Fabric/Base/Fabric/Settings/Utilities/FABByteUtility.m [Path 1: FABNSDataPrettyDescription, line 55 (1 step)]


Use after free

Fabric/Base/Fabric/Settings/Utilities/FABByteUtility.m [Path 1: FABNSDataPrettyDescription, line 64 (1 step)]


[google-oss-bot]

I found a few problems with this issue:

• I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.
• This issue does not seem to follow the issue template. Make sure you provide all the required information.

[jasonhu-g]

This issue has been fixed in 4.0.0-beta.2: #4669.