ios - 使用 SecItemCopyMatching 和 Veracode 进行错误处理

Question

我使用 Veracode 扫描我的应用程序并出现以下错误未检查的错误条件。这是我的代码:

    let status = withUnsafeMutablePointer(to: &queryResult) {
        SecItemCopyMatching(query as CFDictionary, UnsafeMutablePointer($0))
    }

    // Check the return status and throw an error if appropriate.
    guard status != errSecItemNotFound else {
        throw KeychainError.noKeychain
    }
    guard status == noErr else {
        throw KeychainError.unhandledError(status: status)
    }

错误出现在这一行:SecItemCopyMatching(query as CFDictionary, UnsafeMutablePointer($0))

Error handling problems occur when an application does not properly handle errors that occur during processing. If a function does not generate the correct return/status codes, or if the product does not handle all possible return/status codes that could be generated by a function, then security issues may result. Similarly, failing to catch an exception thrown by a function can potentially cause the program to crash or to behave in an unexpected manner.

Answer 1

根据documentation of withUnsafeMutablePointer ，闭包中的参数已经是 UnsafeMutablePointer类型。所以基本上你正在通过 UnsafeMutablePointer<UnsafeMutablePointer>至SecItemCopyMatching ，其中(如果您想坚持 UnsafeMutablePointer )您应该传递 UnsafeMutablePointer<CFTypeRef> 。所以尝试一下

SecItemCopyMatching(query as CFDictionary, $0)