Category Archives: buffer-overflow

What happens when you add one to an integer?

Posted on 2013-01-10 by Graham

It depends. You saw in the previous post that there are plenty of different integer types, some with known sizes and some where the size is set by the implementation. Well for each size of integer type there are two … Continue reading →

Posted in buffer-overflow, code-level | Comments Off

On the top 5 iOS appsec issues

Posted on 2011-05-20 by Graham

Nearly 13 months ago, the Intrepidus Group published their top 5 iPhone application development security issues. Two of them are valid issues, the other three they should perhaps have thought longer over. The good Sensitive data unprotected at rest Secure … Continue reading →

Posted in buffer-overflow, code-level, Crypto, Data Leakage, Encryption, iPad, iPhone, ssl, Updates, user-error, Vulnerability | 2 Comments

On localisation and security

Posted on 2010-05-09 by Graham

Hot on the heels of Uli’s post on the problems of translation, I present another problem you might encounter while localising your code. This is a genuine bug (now fixed, of course) in code I have worked on in the … Continue reading →

Posted in buffer-overflow, l10n, Mac, Vulnerability | 2 Comments

Category Archives: buffer-overflow

What happens when you add one to an integer?

On the top 5 iOS appsec issues

On localisation and security

OOP the Easy Way

APPropriate Behaviour

APPosite Concerns

FSF