Use of malloc, fopen and sscanf in function _initializeAvailabilityCheck tagged as insecure API in penetration testing #64611

@kmaschke85

Description

Our app has been put through penetration testing. The app has been tagged as making use of insecure APIs because we make use of the C functions malloc, sscanf and fopen:

CWE-676: Use of Potentially Dangerous Function
The product invokes a potentially dangerous function that could introduce a vulnerability if it is used incorrectly, but the function can also be used safely.
https://cwe.mitre.org/data/definitions/676.html

CWE-789: Memory Allocation with Excessive Size Value
The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.
https://cwe.mitre.org/data/definitions/789.html

Disassembling our app showed that the use of #available/@available attributes is the cause of these calls:
https://github.com/llvm/llvm-project/blob/main/compiler-rt/lib/builtins/os_version_check.c

The testers recommended using

  • fopen_s instead of fopen
  • sscanf_s instead of sscanf
  • calloc instead of malloc

Is there any chance this could be fixed? Thanks!

FYI: the penetration test scan only finds these usages when targeting iOS 14.x, which means this appears to be solved somehow with iOS 15.
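The recommendations above deserve two caveats before anyone files a patch. `fopen_s` and `sscanf_s` are the optional C11 Annex K bounds-checking interfaces, which not every libc provides, so a portable runtime cannot simply switch to them. And swapping `malloc` for `calloc` only zero-fills the buffer; it does not address CWE-789, whose point is that the size passed to the allocator must be bounded before the call. The following C example (added here; it is not the compiler-rt `os_version_check.c` code or Swift's, and the names `parse_os_version`, `read_bounded_file` and the 64 KiB cap `MAX_VERSION_FILE_BYTES` are assumptions made for illustration) shows what a reviewer would actually want in place of the flagged pattern: an allocation-free, overflow-checked parser for a version string such as "14.4.2" that needs no `sscanf`, a comparison of the kind an availability check performs, and a file read that refuses oversized input before it allocates.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Upper bound on a version file we are willing to load. Assumption for this
 * example: a property list carrying a version string is far smaller than 64 KiB. */
#define MAX_VERSION_FILE_BYTES (64 * 1024)

typedef struct { uint32_t major, minor, patch; } os_version_t;

/* Parse one unsigned decimal component. Requires at least one digit and
 * rejects values that do not fit in 32 bits. Advances *p past the digits. */
static int parse_component(const char **p, uint32_t *out) {
    const char *s = *p;
    if (*s < '0' || *s > '9') return -1;            /* a component must start with a digit */
    uint64_t v = 0;
    while (*s >= '0' && *s <= '9') {
        v = v * 10 + (uint64_t)(*s - '0');
        if (v > UINT32_MAX) return -1;              /* overflow: reject, do not wrap */
        s++;
    }
    *out = (uint32_t)v;
    *p = s;
    return 0;
}

/* Parse "MAJOR[.MINOR[.PATCH]]" from a NUL-terminated string without sscanf or
 * heap allocation. Missing components default to 0; trailing garbage, an empty
 * string, or a dangling '.' is rejected. Returns 0 on success, -1 on malformed input. */
int parse_os_version(const char *text, os_version_t *ver) {
    os_version_t v = {0, 0, 0};
    const char *p = text;
    if (parse_component(&p, &v.major) != 0) return -1;
    if (*p == '.') {
        p++;
        if (parse_component(&p, &v.minor) != 0) return -1;
        if (*p == '.') {
            p++;
            if (parse_component(&p, &v.patch) != 0) return -1;
        }
    }
    if (*p != '\0') return -1;                      /* nothing may follow the version */
    *ver = v;
    return 0;
}

/* The comparison an availability check performs: is `have` >= `need`? Returns 1 or 0. */
int version_at_least(const os_version_t *have, const os_version_t *need) {
    if (have->major != need->major) return have->major > need->major;
    if (have->minor != need->minor) return have->minor > need->minor;
    return have->patch >= need->patch;
}

/* Read a whole file into a NUL-terminated buffer. The size is checked against
 * MAX_VERSION_FILE_BYTES *before* allocating, which is the actual fix for
 * CWE-789; calloc's zero-fill is a bonus, not the bound. Caller frees *out.
 * Returns 0 on success, -1 on open/read failure or oversized input. */
int read_bounded_file(const char *path, char **out, size_t *out_len) {
    FILE *f = fopen(path, "rb");
    if (!f) return -1;
    if (fseek(f, 0, SEEK_END) != 0) { fclose(f); return -1; }
    long size = ftell(f);
    if (size < 0 || (unsigned long)size > MAX_VERSION_FILE_BYTES) { fclose(f); return -1; }
    rewind(f);
    char *buf = calloc((size_t)size + 1, 1);       /* +1 for the terminator */
    if (!buf) { fclose(f); return -1; }
    size_t n = fread(buf, 1, (size_t)size, f);
    fclose(f);
    if (n != (size_t)size) { free(buf); return -1; } /* short read: file changed under us */
    buf[n] = '\0';
    *out = buf;
    *out_len = n;
    return 0;
}

int main(void) {
    os_version_t have, need = {15, 0, 0};
    /* Constructed input standing in for a version string pulled from a system file. */
    if (parse_os_version("14.4.2", &have) != 0) return 1;
    printf("14.4.2 >= 15.0.0: %d\n", version_at_least(&have, &need));
    need.major = 14;
    printf("14.4.2 >= 14.0.0: %d\n", version_at_least(&have, &need));
    return 0;
}
```

The point for a scanner finding like this one is that `fopen`, `sscanf` and `malloc` are flagged because they *can* be misused (CWE-676 says as much); the review question is whether the parsing is bounded and the allocation size is capped, and a replacement that keeps the same unbounded size or trusts the same unvalidated input would silence the tool without changing the risk.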
