diff --git a/Crashlytics/Crashlytics/Components/FIRCLSContext.h b/Crashlytics/Crashlytics/Components/FIRCLSContext.h index edd421cc3f0..e14596d001e 100644 --- a/Crashlytics/Crashlytics/Components/FIRCLSContext.h +++ b/Crashlytics/Crashlytics/Components/FIRCLSContext.h @@ -99,5 +99,8 @@ bool FIRCLSContextIsInitialized(void); bool FIRCLSContextHasCrashed(void); void FIRCLSContextMarkHasCrashed(void); bool FIRCLSContextMarkAndCheckIfCrashed(void); - +void*(SecTaskCopyValueForEntitlement)(void* task, + CFStringRef entitlement, + CFErrorRef _Nullable* error); +void*(SecTaskCreateFromSelf)(CFAllocatorRef allocator); __END_DECLS diff --git a/Crashlytics/Crashlytics/Components/FIRCLSContext.m b/Crashlytics/Crashlytics/Components/FIRCLSContext.m index 3242a08e884..41e1b336a13 100644 --- a/Crashlytics/Crashlytics/Components/FIRCLSContext.m +++ b/Crashlytics/Crashlytics/Components/FIRCLSContext.m @@ -182,10 +182,19 @@ #if CLS_MACH_EXCEPTION_SUPPORTED dispatch_group_async(group, queue, ^{ - _firclsContext.readonly->machException.path = - FIRCLSContextAppendToRoot(rootPath, FIRCLSReportMachExceptionFile); - - FIRCLSMachExceptionInit(&_firclsContext.readonly->machException); + CFErrorRef err = nil; + // return number or nil if no such entitlement + // https://developer.apple.com/documentation/bundleresources/entitlements/com.apple.security.hardened-process.platform-restrictions + NSNumber* hasRuntimeRestriction = (__bridge NSNumber*)SecTaskCopyValueForEntitlement( + SecTaskCreateFromSelf(NULL), + CFSTR("com.apple.security.hardened-process.platform-restrictions"), &err); + // if does not have runtime restriction and no error + if (!hasRuntimeRestriction && !err) { + _firclsContext.readonly->machException.path = + FIRCLSContextAppendToRoot(rootPath, FIRCLSReportMachExceptionFile); + + FIRCLSMachExceptionInit(&_firclsContext.readonly->machException); + } }); #endif