
Ensure unsafe functions are properly guarded #1012

@markushi

Description


We recently received a security report about unsafe usages. Whilst there's not always a safe alternative available (especially cross-platform) we can still have a check and ensure we have best-effort implementations for:

  • input validation
  • buffer management
  • return values are in proper format (e.g. null terminated strings)

Detailed report:

Format String Vulnerabilities

libsentry-android.so
  snprintf: 00001c92
libsentry.so
  fprintf: 000d4d98
  snprintf: 00074252
  vfprintf: 000d102a
  vprintf: 0008c4da
  vsnprintf: 0007914a

Buffer Overflow Vulnerabilities

libsentry.so
  strncpy: 000d34ea
  memcpy: 000d40b0

Buffer Overflow Danger Functions

libsentry.so
  realpath: 0007cd4e
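The three points listed in the description (input validation, buffer management, properly terminated return values) map directly onto how the flagged libc calls are wrapped. The block below is an added illustration for this issue, not code from sentry-native or from the security report; the helper names (`bounded_strcpy`, `bounded_format`, `bounded_memcpy`, `strncpy_terminated`) and the buffer sizes are assumptions chosen for the example. It shows the `strncpy` case that leaves a buffer unterminated when the source fills it exactly, a copy helper with strlcpy-style semantics that always terminates and reports truncation, an `snprintf`/`vsnprintf` wrapper that checks the return value instead of ignoring it, and a `memcpy` guard that refuses a copy longer than the destination. Format strings stay literal in all of them; attacker-influenced text is only ever passed as a `%s` argument, which is what distinguishes a real format-string bug from a scanner hit on `snprintf`.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Illustrative helpers for this issue; not sentry-native's own API. */

/* Bounded copy that always NUL-terminates (strlcpy semantics).
 * Returns strlen(src) so the caller can detect truncation:
 * the result was truncated iff the return value >= dst_size. */
size_t bounded_strcpy(char *dst, size_t dst_size, const char *src)
{
    size_t src_len = strlen(src);
    if (dst_size == 0) {
        return src_len;            /* nothing we can write, not even '\0' */
    }
    size_t copy_len = src_len < dst_size - 1 ? src_len : dst_size - 1;
    memcpy(dst, src, copy_len);
    dst[copy_len] = '\0';          /* terminator is guaranteed */
    return src_len;
}

/* vsnprintf wrapper with a literal format string supplied by the caller.
 * Returns 1 if the whole string fit, 0 on truncation or encoding error.
 * On failure dst still holds a valid, terminated (possibly empty) string. */
int bounded_format(char *dst, size_t dst_size, const char *fmt, ...)
{
    if (dst_size == 0) {
        return 0;
    }
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(dst, dst_size, fmt, ap);
    va_end(ap);
    if (n < 0) {                   /* encoding error: dst is unspecified */
        dst[0] = '\0';
        return 0;
    }
    /* n is the length that would have been written; >= dst_size means cut */
    return (size_t)n < dst_size;
}

/* memcpy guard: copies only when the requested length fits the destination.
 * Returns 1 on success, 0 if the copy would overflow dst. */
int bounded_memcpy(void *dst, size_t dst_size, const void *src, size_t n)
{
    if (n > dst_size) {
        return 0;
    }
    memcpy(dst, src, n);
    return 1;
}

/* The classic strncpy pitfall: when src has >= dst_size characters, strncpy
 * writes no terminator at all. Returns 1 if dst ends up NUL-terminated. */
int strncpy_terminated(char *dst, size_t dst_size, const char *src)
{
    strncpy(dst, src, dst_size);
    return memchr(dst, '\0', dst_size) != NULL;
}

int main(void)
{
    char buf[8];
    /* constructed sample inputs: one that fits, one that does not */
    const char *short_input = "1234567";
    const char *long_input = "0123456789";

    printf("strncpy terminated (7 chars into 8): %d\n",
           strncpy_terminated(buf, sizeof buf, short_input));
    printf("strncpy terminated (10 chars into 8): %d\n",
           strncpy_terminated(buf, sizeof buf, long_input));

    size_t need = bounded_strcpy(buf, sizeof buf, long_input);
    printf("bounded_strcpy -> \"%s\", truncated=%d\n", buf, need >= sizeof buf);

    /* user-controlled text goes in as a %s argument, never as the format */
    int ok = bounded_format(buf, sizeof buf, "id=%s", long_input);
    printf("bounded_format -> \"%s\", fit=%d\n", buf, ok);
    return 0;
}
```

Callers that ignore the return values of `bounded_strcpy` and `bounded_format` silently get truncated strings rather than overflows; that is the intended trade-off, so a code review check should be that every call site either tolerates truncation or fails the operation when the return value reports it.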

Metadata

Assignees

Labels

No labels

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests