зеркало из https://github.com/microsoft/DevSkim.git
12 строки
531 B
Markdown
12 строки
531 B
Markdown
## Do not include user-input directoy in format strings
|
|
|
|
### Summary
|
|
Do not create NSString objects using a user-provided format string, as this could lead to a security vulnerability. https://www.securecoding.cert.org/confluence/display/c/FIO30-C.+Exclude+user+input+from+format+strings
|
|
|
|
### Details
|
|
TO DO - put more details of problem and solution here
|
|
|
|
### Severity Considerations
|
|
TO DO - put more details on the severity of the issue here. Generally how big of a problem is this, and what makes it more or less of a problem?
|
|
|