Movatterモバイル変換

[0]ホーム
URL:

Skip to content

MASTG-TEST-0280: Pasteboard Contents Not Restricted to Local Device

Overview

This test checks if the app restricts the contents of the generalpasteboard to the local device by using theUIPasteboard.setItems(_:options:) method with theUIPasteboard.OptionsKey.localOnly option. If sensitive data is placed in the general pasteboard without this restriction, it can be synced across devices via Universal Clipboard, leading to potential data leaks.

Steps

  1. Run a static analysis scan using radare2 for iOS to detect usage of theUIPasteboard.general property.
  2. Run a static analysis scan using radare2 for iOS to detect usage of theUIPasteboard.setItems(_:options:) method.

Observation

The output should contain a list of locations where relevant APIs are used.

Evaluation

The test fails if the app uses the general pasteboard without restricting its contents to the local device. Specifically, ensure that theUIPasteboard.setItems(_:options:) method is called with theUIPasteboard.Options.localOnly option.

[8]ページ先頭
©2009-2025 Movatter.jp