11LEGACY ISSUES AND BAGGAGE FROM C
Objective-C and Cocoa help mitigate many security problems that you might run into with C or C++. Objective-C is, however, still a flavor of C, which fundamentally isn’t a “safe” language, and some Cocoa APIs are still vulnerable to the types of data theft or code execution attacks you might expect in C programs. C and C++ can also be intermingled freely with Objective-C. Many iOS applications use large amounts of C and C++ code, whether because developers want to use a familiar library or are trying to keep code as portable as possible between platforms. There are some mitigations in place to prevent code execution attacks, as discussed in Chapter 1, but these can be bypassed by more skilled attackers. As such, ...
Get iOS Application Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
