Secure Coding in C and C++
Secure Coding in C and C++
Robert C. Seacord
Addison-Wesley
Upper Saddle River, NJ; Boston; Indianapolis; San Francisco; New York; Toronto; Montreal; London; Munich; Paris; Madrid; Capetown; Sydney; Tokyo; Singapore; Mexico City

Contents

Foreword; Preface; About the Author

Chapter 1 Running with Scissors
Gauging the Threat; What Is the Cost?; Who Is the Threat?; Software Security; Security Concepts; Security Policy; Security Flaws; Vulnerabilities; Exploits; Mitigations; C and C++; A Brief History; What Is the Problem with C?; Legacy Code; Other Languages; Development Platforms; Operating Systems; Compilers; Summary; Further Reading

Chapter 2 Strings
String Characteristics; Strings in C++; Common String Manipulation Errors; Unbounded String Copies; Off-by-One Errors; Null-Termination Errors; String Truncation; String Errors without Functions; String Vulnerabilities; Security Flaw; Buffer Overflows; Process Memory Organization; Stack Management; Stack Smashing; Code Injection; Arc Injection; Mitigation Strategies; Prevention; String Streams; Detection and Recovery; Notable Vulnerabilities; Remote Login; Kerberos; Metamail; Summary; Further Reading

Chapter 3 Pointer Subterfuge
Data Locations; Function Pointers; Data Pointers; Modifying the Instruction Pointer; Global Offset Table; The .dtors Section; Virtual Pointers; The atexit() and on_exit() Functions; The longjmp() Function; Exception Handling; Structured Exception Handling; System Default Exception Handling; Mitigation Strategies; W^X; Canaries; Summary; Further Reading

Chapter 4 Dynamic Memory Management
Dynamic Memory Management; Common Dynamic Memory Management Errors; Initialization; Failing to Check Return Values; Referencing Freed Memory; Freeing Memory Multiple Times; Improperly Paired Memory Management Functions; Failure to Distinguish Scalars and Arrays; Improper Use of Allocation Functions; Doug Lea's Memory Allocator; Memory Management; Buffer Overflows; Double-Free Vulnerabilities; Writing to Freed Memory; RtlHeap; Memory Management in Win32; RtlHeap Data Structures; Buffer Overflows; Buffer Overflows (Redux); Writing to Freed Memory; Double-Free; Look-Aside Table; Mitigation Strategies; Null Pointers; Consistent Memory Management Conventions; Heap Integrity Detection; phkmalloc; Randomization; Guard Pages; OpenBSD; Runtime Analysis Tools; Windows XP SP2; Notable Vulnerabilities; CVS Buffer Overflow Vulnerability; Microsoft Data Access Components (MDAC); CVS Server Double-Free; Vulnerabilities in MIT Kerberos; Summary; Further Reading

Chapter 5 Integer Security
Integers; Integer Representation; Integer Types; Integer Ranges; Integer Conversions; Integer Promotions; Integer Conversion Rank; Conversions From Unsigned Integer Types; Conversions From Signed Integer Types; Signed or Unsigned Characters; Usual Arithmetic Conversions; Integer Error Conditions; Integer Overflow; Sign Errors; Truncation Errors; Integer Operations; Addition; Subtraction; Multiplication; Division; Vulnerabilities; Integer Overflow; Sign Errors; Truncation Errors; Nonexceptional Integer Logic Errors; Mitigation Strategies; Range Checking; Strong Typing; Compiler-Generated Runtime Checks; Safe Integer Operations; Arbitrary Precision Arithmetic; Testing; Source Code Audit; Notable Vulnerabilities; XDR Library; Windows DirectX MIDI Library; Bash; 5.9 Summary; 5.10 Further Reading

Chapter 6 Formatted Output
6.1 Variadic Functions; ANSI C Standard Arguments; UNIX System V Varargs; 6.2 Formatted Output Functions; Format Strings; GCC; Visual C++ .NET; 6.3 Exploiting Formatted Output Functions; Buffer Overflow; Output Streams; Crashing a Program; Viewing Stack Content; Viewing Memory Content; Overwriting Memory; Internationalization; 6.4 Stack Randomization; Thwarting Stack Randomization; Writing Addresses in Two Words; Direct Argument Access; 6.5 Mitigation Strategies; Dynamic Use of Static Content; Restricting Bytes Written; ISO/IEC TR; iostream versus stdio; Testing; Compiler Checks; Lexical Analysis; Static Taint Analysis; Modifying the Variadic Function Implementation; Exec Shield; FormatGuard; Libsafe; Static Binary Analysis; 6.6 Notable Vulnerabilities; Washington University FTP Daemon; CDE ToolTalk; 6.7 Summary; 6.8 Further Reading

Chapter 7 File I/O
Concurrency; Race Conditions; Mutual Exclusion and Deadlock; Time of Check, Time of Use; Files as Locks and File Locking; File System Exploits; Symbolic Linking Exploits; Temporary File Open Exploits; unlink() Race Exploit; Trusted Filenames; Nonunique Temp File Names; Mitigation Strategies; Closing the Race Window; Eliminating the Race Object; Controlling Access to the Race Object; Race Detection Tools; Summary

Chapter 8 Recommended Practices
Secure Software Development Principles; Economy of Mechanism; Fail-Safe Defaults; Complete Mediation; Open Design; Separation of Privilege; Least Privilege; Least Common Mechanism; Psychological Acceptability; Systems Quality Requirements Engineering; Threat Modeling; Use/Misuse Cases; Architecture and Design; Off-the-Shelf Software; Vulnerabilities in Existing Code; Secure Wrappers; Compiler Checks; Input Validation; Data Sanitization; Black Listing; White Listing; Testing; 8.10 Static Analysis; Fortify; Prexis; Prevent; PREfix and PREfast; Quality Assurance; Penetration Testing; Fuzz Testing; Code Audits; Developer Guidelines and Checklists; Independent Security Review; Memory Permissions; W^X; PaX; Data Execution Prevention; Defense in Depth; TSP-Secure; Planning and Tracking; Quality Management; Summary; Further Reading

References; Acronyms; Index