About Us
Lorem Ipsum is simply dummy text ofering thetonat sunrising printing and typesetting industry seo is partysipati carma. Lorem Ipsum is simply dummy,
Follow Us

Displaying Stack Traces in Error Messages

Displaying Stack Traces in Error Messages

Mobile applications often show errors messages to their users. A variety of error messages are available. Application developers choose an appropriate message for a situation and embed it into the source code. When the error condition occurs, the embedded message is displayed. Some error messages reveal information about application functionality. A person with malicious intent may use this information to harm the system. Let’s have an example of the ‘PrintStackTrace ()’ error message to understand the scenario better.

A mobile application executes the ‘PrintStackTrace ()’ method whenever a particular error condition occurs, and its result is displayed to users. This method lists out the functions that were under execution at the instance the error occurred. This list is called ‘stack trace’. An attacker purposefully enters incorrect inputs to view error messages. He is shown a list of functions as a result of his wrong inputs. The attacker manages to get multiple stack traces this way, and figures out a majority of the app’s functionality, and subsequently its flaws. He exploits the weaknesses and gains unauthorized access to the app.

It is recommended to refrain from using error messages that would reveal application’s internal details. Instead, customized error messages could be used, that would not disclose system-related information.

No Comments

Leave a Comment

Get In Touch
close slider