3

During my iphone app (iOS7) submission process, I saw the errors shown in the screen. Basically, it says I used non-public symbols __strlcat_chk, strlcpy_chk, I know strlcat and strlcpy, but don't think it could be non-public. I used Xcode 5.

I also did a quick search strlcat() and strlcpy() in my project, I didn't see I used it.the app uploader shows the error screen

Any idea what could be the reason.

[Update] I actually got update from Apple, after submitting my ticket through my developer account (We all have 2 tech supports coming with the developer account.) Basically, Apple Support told me it's known issue. Tell apple your app name and id number, your app will be whitelisted. There will no problem to go through the submission verification process once Apple gives a Go signal.

Liangjun
  • 601
  • 4
  • 13
  • I am experiencing the same issue. I have emailed Apple about this, but no reply so far. – Vamos Sep 16 '13 at 07:35
  • By the way, are you using a library that uses OpenSSL? – Vamos Sep 16 '13 at 07:39
  • I just attempted to validate my iOS 7 app and I also have this problem. I am using SQLCipher, which relies on OpenSSL. Could that be the problem? – Tap Forms Sep 16 '13 at 08:23
  • @TapForms SQLCipher uses strlcat and strlcpy, have a look at my answer for more details, I don't think SQLCipher is doing anything Apple doesn't approve of, it seems Apple needs to fix it's iOS 7 SDK so it doesn't flag these method calls as 'private API' – Vamos Sep 16 '13 at 11:51
  • 1
    I worked around the issue by compiling SQLCipher with -DSQLCIPHER_CRYPTO_CC which tells it to use Apple's CommonCrypto library instead of OpenSSL. The benefit is that it compiles faster (not that it was slow before) and also apparently benefits from hardware acceleration of encryption code (according to the SQLCipher devs). – Tap Forms Sep 16 '13 at 17:14
  • This doesn't seem to be an issue with the latest version of XCode (Version 5.0 (5A1413)) – Vamos Oct 04 '13 at 15:38

2 Answers2

4

The reason for this can be found in the file:

iOS 7.0/usr/include/secure/_string.h

The code causing the issue seems here:

#if __has_builtin(__builtin___strlcat_chk) && __HAS_FIXED_CHK_PROTOTYPES #undef strlcat #define strlcat(dest, src, len) \ __builtin___strlcat_chk (dest, src, len, __darwin_obsz (dest)) #endif #endif /* __IPHONE_OS_VERSION_MIN_REQUIRED >= 70000 || __MAC_OS_X_VERSION_MIN_REQUIRED >= 1090 /
#endif / __DARWIN_C_LEVEL >= __DARWIN_C_FULL */

I'm not sure what this does, but my guess is this is what is being picked up as the issue when validating the code.

You can compare this to the iOS 6 version of the same _string.h file, and you'll see that there are no references to the two methods, strlcat and strlcpy.

There is also a comment with a rdar reference:

rdar://problem/12622659

Bottom line: This seems to be an issue with the iOS 7.0 SDK, and it's up to Apple to 'fix' it.

UPDATE:

If you really want to submit your app, simply edit the _string.h file, edit #define __HAS_FIXED_CHK_PROTOTYPES 1 to #define __HAS_FIXED_CHK_PROTOTYPES 0

Vamos
  • 2,701
  • 2
  • 24
  • 37
  • any update on this from apple? I am having the same issue as the author. I am trying to use the -DSQLCIPHER_CRYPTO_CC flag, but that means all previously encrypted data will be lost on the user device... – Klu Sep 18 '13 at 21:16
  • @Klu - you can try to flip `#define __HAS_FIXED_CHK_PROTOTYPES 1` to `#define __HAS_FIXED_CHK_PROTOTYPES 0` in _string.h, just to get the app submitted. – Vamos Sep 19 '13 at 05:30
  • 1
    I actually got update from Apple, after submitting my ticket through my developer account (We all have 2 tech supports coming with the developer account.) Basically, Apple Support told me it's known issue. Tell apple your app name and id number, your app will be whitelisted. There will no problem to go through the submission verification process once Apple gives a Go signal. – Liangjun Sep 24 '13 at 03:15
  • I exported `CFLAGS=-DMAC_OS_X_VERSION_MIN_REQUIRED=1060` to make it work. I had the problem when linking against sqlite which was not compiled like this. – Albert Nov 05 '13 at 20:20
2

I had this issue using a self-compiled version of OpenSSL. I recompiled OpenSSL against the iOS 6.1 SDK, added libssl.a and libcrypto.a into my project and then built/archived my app against SDK 7.0 and it has now passed validation.

So it does appear to be an issue with iOS 7.0 SDK, but if you still have access to the the 6.1 SDK this workaround should work.

Skaro
  • 21
  • 2