Binary make use of malloc & banned APIs

I am building a ionic 4 application for iOS. The PEN test team reported that the ipa make use of malloc and banned APIs _fopen, _sscanf, _memcpy. These functions are dangerous because they might lead to memory corruption and should not be used anymore.

Any help to fix this issue ?


Banned by who? Is this an official Apple thing, or some arbitrary security requirement somebody inside your company came up with?

Apple deprecated some of these APIs. In ionic 4 , we are not generating the code for ipa file.So want to listen from Ionic official team on their response

How are you building the app? If it is Cordova-based, you need to make sure it is current. The same goes for any plugins you use. All the true native parts are in those elements, and not Ionic itself.

1 Like

I am using ionic cordova build iOS command.
Corodva is the latest version used ionic install cordova command
“cordova-ios”: “5.1.1”
Other plugin are also latest plugins as I am building without any version specified.


This forum is not the place to ask for official ionic support

Can you please suggest where should I raise the issue ?

Go to google

Type: ionic support

Btw, u probably need to be a paying customer to get the priority you seem to need

There’s a difference between deprecated and banned.

@Tommertom the forum is a place to get a response regarding things like this…

@Sudhalearns, I’ll echo what @mirkonasato says, “deprecated” APIs are one thing, and banned APIs are something very different. Most of the time when those APIs are used, it’s for version support, in order to support older versions of iOS. Or the APIs that are deprecated are more stable that the replacement APIs. For the most part, you should be fine.


Thanks @mhartington, so this should be an issue, right?

Some of these are not available now to use. ```
The binary may contain the following banned API(s)
alloca, strlen, sprintf, memcpy.