
CodeSonar Enters the World of iOS and Objective-C



INTRODUCTION:

A new version of GrammaTech CodeSonar adds Objective-C to its suite of supported languages. CodeSonar’s advanced static analysis capabilities give iOS developers the opportunity to improve quality and security in their applications. Objective-C is relatively popular even compared to C and C++, mainly because it is the main programming language for iOS apps (Swift is catching up quickly). Like any programming language, especially one based on C, Objective-C can suffer from serious bugs due to programming errors that cause crashes or introduce security vulnerabilities. So, what are the advantages to the iOS developer of using CodeSonar advanced static analysis?

Mobile iOS Apps Vulnerable to Attack

The Apple mobile ecosystem has fared better at securing applications than others, but any app can suffer from quality and security issues. In fact, there is a long list of known security vulnerabilities in the iPhone OS itself (see CVE Details), and any help from automation is useful. According to Arxan, 92% of the top paid apps and 40% of the top free apps have been hacked in one way or another (although they apply a very loose definition of “hacked”).

A 2016 survey by the Blancco Technology Group found that 58% of iOS-based devices suffered from apps crashing or other components shutting down (outpacing Android for the first time). Suffice it to say, mobile apps in the Apple ecosystem are not immune to bugs and vulnerabilities.

CodeSonar for Objective-C

In most respects, CodeSonar works the same way on Objective-C as it does on C and C++. The tools can be hosted on Mac OS X and run from the command line or on Xcode projects. The analysis engine understands the syntax and semantics of Objective-C. Most of the critical bug classes CodeSonar finds in C apply equally to Objective-C (buffer overrun, stack overflow, allocation/deallocation issues, use of null pointers, etc.). Warnings are stored in a database and managed in the same way as for any other language. Some examples are shown later in this post.

How does CodeSonar differ from the CLANG static analyzer?

The CLANG static analyzer works on Objective-C, is free of charge and is nicely integrated with Xcode. So why use CodeSonar if the CLANG static analyzer is available for free? Although the CLANG analyzer is an impressive tool, it does not provide the in-depth, inter-procedural (and inter-compilation-unit) path-sensitive analysis that CodeSonar does. CodeSonar, as an enterprise-level software development tool, supports large-scale deployment and management of static analysis results on a per-project and per-build basis. As team and code size grow, the advantages become more evident.

Examples

Understanding Objective-C Message Passing

Objective-C uses a function-calling mechanism called message passing that differs from C++ method calls. What complicates the semantics is that a message send is not bound to a particular method implementation until runtime. However, CodeSonar can reason about the target of these message sends and still perform code-path analysis to find errors. The following example illustrates a simple message send.

#import <Foundation/Foundation.h>

@interface Base : NSObject
-(int)getBaseNumber;
@end

@implementation Base
-(int)getBaseNumber {
    return 10;
}
@end

@interface Foo : Base
-(int)getNumber;
@end

@implementation Foo
-(int)getNumber {
    return -10;
}
@end

int main() {
    Foo *foo = [[Foo alloc] init];
    int ten = [foo getBaseNumber];
    int minus_ten = [foo getNumber]; // CodeSonar is able to resolve
                                     // both the above message sends.

    int dbz = 1 / (ten + minus_ten); // ten + minus_ten == 0: divide by zero
    return 0;
}

The warning as reported by CodeSonar, detecting the divide by zero error despite the complication of Objective C messaging:

[Image: CodeSonar warning report for the message-passing example]
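To make the run-time binding concrete, here is an added example (not code from the original post or from CodeSonar) that extends the Base/Foo classes above: the receiver's static type no longer determines which getBaseNumber runs, and the selector can even be chosen at run time. The safeInverse helper is hypothetical and shows the check a developer would add before dividing by a value obtained through a message send.

```objc
#import <Foundation/Foundation.h>

// Added example (not from the original post): the same message send can
// reach different implementations depending on the receiver's run-time class.
@interface Base : NSObject
- (int)getBaseNumber;
@end

@implementation Base
- (int)getBaseNumber { return 10; }
@end

@interface Foo : Base
@end

@implementation Foo
// Override: a receiver statically typed as Base * may still run this method.
- (int)getBaseNumber { return 0; }
@end

// Hypothetical helper: divides only after checking the value the
// dynamically resolved method actually returned.
static int safeInverse(Base *obj) {
    int d = [obj getBaseNumber]; // bound at run time through objc_msgSend
    if (d == 0) {
        NSLog(@"%@ returned 0 from getBaseNumber; refusing to divide",
              NSStringFromClass([obj class]));
        return -1;
    }
    return 1 / d;
}

int main(void) {
    @autoreleasepool {
        Base *plain  = [[Base alloc] init];
        Base *upcast = [[Foo alloc] init]; // static type Base *, dynamic Foo
        NSLog(@"Base: %d", safeInverse(plain));  // Base's method supplies the divisor
        NSLog(@"Foo : %d", safeInverse(upcast)); // Foo's override supplies it; check fires

        // The selector itself may only be known at run time.
        SEL sel = NSSelectorFromString(@"getBaseNumber");
        if ([upcast respondsToSelector:sel]) {
            IMP imp = [upcast methodForSelector:sel];
            int (*fn)(id, SEL) = (int (*)(id, SEL))imp;
            NSLog(@"via IMP: %d", fn(upcast, sel)); // still dispatches to Foo's override
        }
    }
    return 0;
}
```

Build with clang on macOS, linking the Foundation framework; an analyzer that resolved the send by static type alone would pick Base's method for both calls and miss the zero divisor on the second path.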

Buffer Overrun in the OmniGroup Open Source Project

We tested our Objective-C capability on various open source projects. We found some interesting bugs, one of which is illustrated here: a buffer overrun in the OmniGroup project, in ONPortAddress.m. (We submitted a patch, which was accepted, and the problem is fixed.) The GitHub patch submission and the CodeSonar warning follow:

[Image: OmniGroup GitHub patch submission]

[Image: CodeSonar warning report for the ONPortAddress.m buffer overrun]


CONCLUSION:

App development for iOS and Mac OS X is still fraught with quality and security issues, despite the perception that it fares better than competing platforms. Developers need to consider advanced static analysis an important part of the software tool chain. CodeSonar Objective-C support brings advanced static analysis to the iOS ecosystem, and with it improved quality and security and, equally critical, scalable enterprise-level project support.
