- Description: An attacker provides excessively long text, deeply nested HTML (if used in attributed strings), or extremely large images as input to a cell. This forces
UITableView-FDTemplateLayoutCellto spend a significant amount of CPU time calculating the cell's height before caching it. This can lead to UI freezes or application crashes. The attacker might repeatedly trigger this with different inputs to amplify the effect. This directly impacts the library's core functionality. - Impact: Application unresponsiveness (UI freeze) or crash, leading to denial of service.
- Affected Component:
fd_systemFittingHeightForConfiguratedCell:(and related methods that perform the initial height calculation using Auto Layout). This is the core function where the size calculation happens, and it's directly part of the library.- The underlying Auto Layout engine is involved, but the trigger and the management of the calculation are within
UITableView-FDTemplateLayoutCell.
- Risk Severity: High
- Mitigation Strategies:
- Input Validation: Implement strict limits on input length (text, HTML), image dimensions, and complexity before the data is passed to the table view. This is crucial, even though it's technically outside the library, because it directly prevents the library from being abused.
- Maximum Height Constraints: Set reasonable
maxHeightconstraints on content views within the template cell's XIB or storyboard. This helps Auto Layout, which the library relies on. - Asynchronous Calculation (with Placeholder): For potentially complex cells, perform the initial height calculation on a background thread. Display a placeholder cell or loading indicator while the calculation is in progress. Ensure thread-safe UI updates. This directly mitigates the impact on the main thread caused by the library's calculation.
- Calculation Timeout: Implement a timeout for the height calculation within your usage of the library. If it exceeds the timeout, abort the calculation, display a default height or error message, and log the event. This is a direct intervention in the library's operation.
- Description: An attacker crafts a large number of unique cell configurations (e.g., by varying input slightly) to force the creation of many cache entries within
UITableView-FDTemplateLayoutCell's internal cache. If the cache grows unbounded, it can consume all available memory, leading to a crash. This directly targets the library's caching mechanism. - Impact: Application crash due to out-of-memory error (OOM).
- Affected Component:
fd_indexPathHeightCache(or the equivalent property/object that manages the height cache). This is the primary component responsible for storing and retrieving cached heights, and it's entirely within the library.- The underlying caching mechanism (likely
NSCache, but could be a custom implementation). WhileNSCachehas some built-in protections, the library's use of it is the vulnerability point.
- Risk Severity: Medium (Promoted to High due to direct library involvement and potential for OOM). While
NSCachemitigates this somewhat, a custom implementation or misconfiguration could make it High. We'll assume the worst-case scenario for this focused list. - Mitigation Strategies:
- Rely on NSCache (and Configure): If using
NSCache(the default), ensure it's properly configured.NSCacheautomatically evicts entries under memory pressure, but you can fine-tune its behavior. - Configure NSCache Limits: Explicitly set
NSCache'scountLimitandtotalCostLimitto control its maximum size. This is a direct configuration of how the library uses the cache. - Custom Cache Management (If Applicable): If the library uses a custom caching mechanism (less likely, but possible), you must implement a robust eviction policy (e.g., LRU - Least Recently Used) and a strict maximum cache size. This would involve modifying the library's code, or forking it.
- Memory Monitoring: Monitor application memory usage to detect excessive cache growth. This helps identify if the library's cache is becoming a problem.
- Rely on NSCache (and Configure): If using