Hi, Java already provides bound arrays and GC both of which remove the need for these flags. So user code is 100% secure in Codename One without these flags. Our native layer is written in C (not Objective-C) which is less susceptible to blind attacks and isn't impacted by ARC anyway. So this CWE doesn't really apply to Codename One code.
On Tuesday, October 20, 2020 at 12:40:03 PM UTC+3 [email protected] wrote: > Hi, > > thank you for your reply. > > We have a security audit on our iOS application and they detected a > vulnerability related to those flags. > > https://cwe.mitre.org/data/definitions/199.html > > > > > > > On Monday, October 19, 2020 at 12:56:23 PM UTC+1, ahmed talbi wrote: >> >> Hi All, >> We are looking for a way to add compilation flags *stack-protector-all *and >> *fbojc-arc *for iOS projects in Codename One. >> Best regards >> > -- You received this message because you are subscribed to the Google Groups "CodenameOne Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/codenameone-discussions/04d166b8-9c07-4cab-b05e-75878a980bf2n%40googlegroups.com.
