Resiliency / Debug Symbols Present in the Application

iOS, Mobile App

Description

Debug Symbols Present in the Application (CWE-599) is a vulnerability found in iOS and mobile applications. It occurs when debug symbols are left in the shipped build, where attackers can use them to reverse engineer the application and discover vulnerabilities. As the OWASP Testing Guide notes, debug symbols in a release build can disclose sensitive information such as the source code, application architecture, and debugging information, which can then be used to exploit the application.

Risk

The presence of debug symbols in an application increases the risk of a successful attack. Debug symbols can provide attackers with critical information about an application, such as the source code, application architecture, and debugging information, which they can use to find and exploit vulnerabilities. This can lead to serious security issues such as data leakage, unauthorized access, and malicious activity.

Solution

Removing debug symbols from the shipped application is the best way to prevent this vulnerability. The code should be reviewed, and all debug symbols should be removed and replaced with stubs or other methods that prevent access to the information. The application should then be tested for any vulnerabilities that the removal of the symbols may have introduced.
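As an added check (not part of this page or the OWASP guide), the script below inspects an iOS-style Mach-O binary directly: it counts STAB entries in the symbol table, which are the debugger symbols that nm lists and that strip removes, and flags an embedded __DWARF segment. The build_sample helper is a constructed image, not a real app; it assumes a thin 64-bit little-endian Mach-O (fat binaries are not handled).

```python
import struct

# Mach-O constants (from <mach-o/loader.h> and <mach-o/nlist.h>)
MH_MAGIC_64, LC_SEGMENT_64, LC_SYMTAB, N_STAB = 0xFEEDFACF, 0x19, 0x02, 0xE0
N_SO, N_FUN, N_SECT_EXT = 0x64, 0x24, 0x0F   # two STAB kinds, one ordinary global symbol

def inspect_macho(data: bytes) -> dict:
    """Count STAB (debug) symbols and detect an embedded __DWARF segment in a
    thin 64-bit little-endian Mach-O image. Fat binaries are not handled."""
    magic, _, _, _, ncmds, _, _, _ = struct.unpack_from("<8I", data, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a thin 64-bit little-endian Mach-O image")
    off, stabs, total, has_dwarf = 32, 0, 0, False   # load commands start after the 32-byte header
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<2I", data, off)
        if cmd == LC_SEGMENT_64 and data[off + 8:off + 24].rstrip(b"\0") == b"__DWARF":
            has_dwarf = True
        elif cmd == LC_SYMTAB:
            symoff, nsyms, _, _ = struct.unpack_from("<4I", data, off + 8)
            total = nsyms
            for i in range(nsyms):                      # each nlist_64 entry is 16 bytes
                n_type = data[symoff + 16 * i + 4]      # n_type is the byte after n_strx
                if n_type & N_STAB:                     # any STAB bit set => debugger symbol
                    stabs += 1
        off += cmdsize
    return {"stab_symbols": stabs, "total_symbols": total, "has_dwarf_segment": has_dwarf,
            "debug_symbols_present": stabs > 0 or has_dwarf}

def build_sample(with_debug: bool) -> bytes:
    """Constructed test image, not a real app: a header, an optional __DWARF segment
    load command, and an LC_SYMTAB whose table holds the given symbols."""
    types = [N_SO, N_FUN, N_SECT_EXT] if with_debug else [N_SECT_EXT]
    cmds = b""
    if with_debug:   # segment command: cmd, cmdsize, segname, 4 x uint64, 4 x uint32 (all zero)
        cmds += struct.pack("<2I16s4Q4I", LC_SEGMENT_64, 72, b"__DWARF", 0, 0, 0, 0, 0, 0, 0, 0)
    symoff = 32 + len(cmds) + 24                          # symbol table follows the load commands
    cmds += struct.pack("<6I", LC_SYMTAB, 24, symoff, len(types), symoff + 16 * len(types), 1)
    ncmds = 2 if with_debug else 1
    header = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, ncmds, len(cmds), 0, 0)
    symtab = b"".join(struct.pack("<IBBHQ", 0, t, 0, 0, 0) for t in types)
    return header + cmds + symtab + b"\0"                  # trailing byte is the empty string table

if __name__ == "__main__":
    for label, img in (("debug build", build_sample(True)), ("stripped build", build_sample(False))):
        print(label, inspect_macho(img))
```

On a real device binary, read the file into data and call inspect_macho on it; a release build that ships its DWARF in a separate dSYM should report zero STAB symbols and no __DWARF segment.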

Example

The following example is from the CVE directory (CVE-2019-10968). In this example, debug symbols were present in the application, which allowed attackers to reverse engineer the application and discover a vulnerability.

#include <stdio.h>

int main(int argc, char *argv[])
{
  char buf[128];   /* placeholders for the elided body below */
  int i;
  (void)argc; (void)argv; (void)buf; (void)i;

  /* DEBUG SYMBOLS PRESENT: the symbols are not in this source. They are
   * emitted when the file is compiled with -g and stay in the shipped
   * binary when it is not stripped before release. */
  printf("Welcome to the vulnerable program!\n");

  // ...

  return 0;
}
