diff --git a/tests-beta/ios/MASVS-CODE/MASTG-TEST-0x87-2.md b/tests-beta/ios/MASVS-CODE/MASTG-TEST-0x87-2.md index 8a2ba5acc3..fbeff2deea 100644 --- a/tests-beta/ios/MASVS-CODE/MASTG-TEST-0x87-2.md +++ b/tests-beta/ios/MASVS-CODE/MASTG-TEST-0x87-2.md @@ -13,9 +13,9 @@ This test case checks if the main binary or any libraries of the app are compile This test applies to all binaries and libraries: - It is especially important for non-memory safe languages like Objective-C or C/C++. -- For pure Swift apps, checking for stack canaries can be usually skipped, as Swift is considered a memory safe by design and conventional parsing techniques cannot detect stack canaries in Swift binaries (see section "canary – exceptions" of this [blog post](https://sensepost.com/blog/2021/on-ios-binary-protections/)). +- For pure Swift apps, checking for stack canaries can be usually skipped, as Swift is considered a memory safe by design and conventional parsing techniques cannot detect stack canaries in Swift binaries (see the "canary – exceptions" section of this [blog post](https://sensepost.com/blog/2021/on-ios-binary-protections/)). -To differentiate between Objective-C and Swift binaries, you can inspect the imports and linked libraries. Detecting Objective-C binaries is straightforward, but detecting pure Swift binaries is more challenging because depending on the Swift version and compiler settings, the binary might still contain Objective-C symbols or libraries. See section "identifying objc vs swift" of this [blog post](https://sensepost.com/blog/2021/on-ios-binary-protections/) for more details. +To differentiate between Objective-C and Swift binaries, you can inspect the imports and linked libraries. Detecting Objective-C binaries is straightforward, but detecting pure Swift binaries is more challenging because depending on the Swift version and compiler settings, the binary may still contain Objective-C symbols or libraries. See the "identifying objc vs swift" section of this [blog post](https://sensepost.com/blog/2021/on-ios-binary-protections/) for more details. ## Steps @@ -32,6 +32,6 @@ The output should contain a list of symbols of the main binary and each shared l The test case fails any binary or library is not purely Swift but does not contain methods indicating stack canaries like `objc_autorelease` or `objc_retainAutorelease`. -**Note:** Checking for the symbol `__stack_chk_fail` only indicates that stack smashing protection is enabled somewhere in the app. Whilst stack canaries are typically enabled or disabled for the whole binary, there can be corner cases, where only parts of the application are protected. E.g., when the app developer statically links a library with enables stack smashing protection, but disables it for the whole application. +**Note:** Checking for the `__stack_chk_fail` symbol only indicates that stack smashing protection is enabled somewhere in the app. While stack canaries are typically enabled or disabled for the entire binary, there may be corner cases where only parts of the application are protected. For example, if the app developer statically links a library with stack smashing protection enabled, but disables it for the entire application. -If you want to be sure specific security critical methods are protected sufficiently, you need to reverse engineer each, and check for stack smashing protection manually. +If you want to be sure that specific security-critical methods are sufficiently protected, you need to reverse-engineer each of them and manually check for stack smashing protection. diff --git a/tests-beta/ios/MASVS-CODE/MASTG-TEST-0x87-3.md b/tests-beta/ios/MASVS-CODE/MASTG-TEST-0x87-3.md index 0ac8b298ba..25b9a6a43e 100644 --- a/tests-beta/ios/MASVS-CODE/MASTG-TEST-0x87-3.md +++ b/tests-beta/ios/MASVS-CODE/MASTG-TEST-0x87-3.md @@ -8,7 +8,7 @@ weakness: MASWE-0116 ## Overview -This test case checks if [ARC (Automatic Reference Counting)](../../../Document/0x04h-Testing-Code-Quality.md/#automatic-reference-counting) is anabled in iOS apps. ARC is a compiler feature in Objective-C and Swift that automates memory management, reducing the likelihood of memory leaks and other related issues. Enabling ARC is crucial for maintaining the security and stability of iOS applications. +This test case checks if [ARC (Automatic Reference Counting)](../../../Document/0x04h-Testing-Code-Quality.md/#automatic-reference-counting) is enabled in iOS apps. ARC is a compiler feature in Objective-C and Swift that automates memory management, reducing the likelihood of memory leaks and other related issues. Enabling ARC is crucial for maintaining the security and stability of iOS applications. - **Objective-C Code:** ARC can be enabled by compiling with the `-fobjc-arc` flag in Clang. - **Swift Code:** ARC is enabled by default. @@ -28,8 +28,8 @@ The output should contain a list of symbols of the main binary and each shared l ## Evaluation -The test fails if any binary or library containing Objective-C or Swift code lacks ARC-related symbols. Presence of symbols such as `_objc_msgSend` (Objective-C) or `_swift_allocObject` (Swift) without corresponding ARC symbols indicates that ARC may not be enabled. +The test fails if any binary or library containing Objective-C or Swift code is missing ARC-related symbols. The presence of symbols such as `_objc_msgSend` (Objective-C) or `_swift_allocObject` (Swift) without corresponding ARC symbols indicates that ARC may not be enabled. -**Note:** Checking for these symbols only indicates that ARC is enabled somewhere in the app. Whilst typically ARC will be enabled or disabled for the whole binary, there can be corner cases, where only parts of the application or libraries are protected. For example, when the app developer statically links a library that has ARC enabled, but disables it for the whole application. +**Note:** Checking for these symbols only indicates that ARC is enabled somewhere in the app. While ARC is typically enabled or disabled for the entire binary, there can be corner cases where only parts of the application or libraries are protected. For example, if the app developer statically links a library that has ARC enabled, but disables it for the entire application. -If you want to be sure specific security critical methods are protected sufficiently, you need to reverse engineer each, and check for ARC manually or request the source code from the developer. +If you want to be sure that specific security-critical methods are adequately protected, you need to reverse-engineer each of them and manually check for ARC, or request the source code from the developer.