Skip to content

MASTG-TEST-0279: Pasteboard Contents Not Expiring

Overview

This test checks if the app sets an expiration date for the contents of the general pasteboard using the UIPasteboard.setItems(_:options:) method with the UIPasteboard.Options.expirationDate option. If sensitive data is left in the pasteboard without an expiration date, it can be accessed by other apps indefinitely, leading to potential data leaks.

Steps

  1. Run a static analysis scan using radare2 for iOS to detect usage of the UIPasteboard.general property.
  2. Run a static analysis scan using radare2 for iOS to detect usage of the UIPasteboard.setItems(_:options:) method.

Observation

The output should contain a list of locations where relevant APIs are used.

Evaluation

The test fails if the app uses the general pasteboard without setting an expiration date for its contents. Specifically, ensure that the UIPasteboard.setItems(_:options:) method is called with the UIPasteboard.Options.expirationDate option.