The customer requested a pen-test for this app, and they reported some issues related to buffer overflow and weak randomness functions. I reviewed the identified methods, but I couldn't find them in the code or third-party SDKs. We would like to know if you can review these methods to see if there is a possible solution or if you can guarantee that these functions are safe.
They say that they applied a reverse engineering tool and it reported our app as compiled using these C/C++ functions that are considered unsafe.
The tool used is: Ghidra (https://ghidra-sre.org/)
These are the methods reported by the cybersecurity team:
Related to buffer overflow:
Related to weak randomness functions: