Secure Coding in C and C++

Size: px
Start display at page:

Download "Secure Coding in C and C++"

Transcription

1 Secure Coding in C and C++ Robert C. Seacord AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney Tokyo Singapore Mexico City

2 Foreword Preface About the Author xiii xvii xxiii Chapter 1 Running with Scissors Gauging the Threat 4 What Is the Cost? 5 Who Is the Threat? 6 Software Security Security Concepts 10 Security Policy 12 Security Flaws 12 Vulnerabilities 13 Exploits 14 Mitigations C and C++ 16 A Brief History 16 What Is the Problem with C? 17 Legacy Code 18 Other Languages Development Platforms 19 Operating Systems 20 Compilers Summary Further Reading 24

3 vi Contents Chapter 2 Chapter 3 Strings String Characteristics Strings in C++ Common String Manipulation Errors Unbounded String Copies Off-by-One Errors Null-Termination Errors String Truncation String Errors without Functions String Vulnerabilities Security Flaw Buffer Overflows Process Memory Organization Stack Management Stack Smashing Code Injection Are Injection Mitigation Strategies Prevention String Streams Detection and Recovery Notable Vulnerabilities Remote Login Kerberos Metamail Summary Further Reading Pointer Subterfuge Data Locations Function Pointers Data Pointers Modifying the Instruction Pointer Global Offset Table The.dtors Section Virtual Pointers The atexito and on_exit() Functions The longjmpo Function Exception Handling Structured Exception Handling System Default Exception Handling

4 v» Mitigation Strategies W A X Canaries Summary Further Reading Chapter 4 Dynamic Memory Management Dynamic Memory Management Common Dynamic Memory Management Errors Initialization Failing to Check Return Values Referencing Freed Memory Freeing Memory Multiple Times Improperly Paired Memory Management Functions Failure to Distinguish Sealars and Arrays Improper Use of Allocation Functions Doug Lea's Memory Allocator Memory Management Buffer Overflows Double-Free Vulnerabilities Writing to Freed Memory RtlHeap Memory Management in Win32 RtlHeap Data Structures Buffer Overflows Buffer Overflows (Redux) Writing to Freed Memory Double-Free Look-Aside Table Mitigation Strategies Null Pointers Consistent Memory Management Conventions Heap Integrity Detection phkmalloc Randomization Guard Pages OpenBSD Runtime Analysis Tools Windows XP SP2 Notable Vulnerabilities CVS Buffer Overflow Vulnerability Microsoft Data Access Components (MDAC)

5 Vl " Contents CVS Server Double-Free 148 Vulnerabilities in MIT Kerberos Summary Further Reading 149 Chapter 5 Integer Security Integers 152 Integer Representation 152 Integer Types I53 Integer Ranges Integer Conversions 159 Integer Promotions 159 Integer Conversion Rank 160 Conversions From Unsigned Integer Types 161 Conversions From Signed Integer Types 161 Signed or Unsigned Characters 162 Usual Arithmetic Conversions Integer Error Conditions 164 Integer Overflow 164 Sign Errors 166 Truncation Errors Integer Operations 167 Addition 169 Subtraction 172 Multiplication 174 Division I Vulnerabilities 181 Integer Overflow 182 Sign Errors 183 Truncation Errors Nonexceptional Integer Logic Errors Mitigation Strategies 187 Range Checking 188 Strang Typing 189 Compiler-Generated Runtime Checks 190 Safe Integer Operations 191 Arbitrary Precision Arithmetic 196 Testing 196 Source Code Audit Notable Vulnerabilities 197 XDR Library 197 Windows DirectX MIDI Library 198 Bash 199

6 IX 5.9 Summary 5.10 Further Reading Chapter 6 Formatted Output 6.1 Variadic Functions ANSI C Standard Arguments UNIX System V Varargs 6.2 Formatted Output Functions Format Strings GCC Visual C++.NET 6.3 Exploiting Formatted Output Functions Buffer Overflow Output Streams Crashing a Program Viewing Stack Content Viewing Memory Content Overwriting Memory Interna tionalization 6.4 Stack Randomization Thwarting Stack Randomization Writing Addresses in Two Words Direct Argument Access 6.5 Mitigation Strategies Dynamic Use of Static Content Restricting Bytes Written ISOAEC TR iostream versus stdio Testing Compiler Checks Lexical Analysis Static Taint Analysis Modifying the Variadic Function Implementation Exec Shield FormatGuard Libsafe Static Binary Analysis 6.6 Notable Vulnerabilities Washington University FTP Daemon CDE ToolTalk 6.7 Summary 6.8 Further Reading

7 Chapter 7 File I/O Concurrency 247 Race Conditions 248 Mutual Exclusion and Deadlock Time of Check, Time of Use Files as Locks and File Locking File System Exploits 254 Symbolic Linking Exploits 255 Temporary File Open Exploits 257 unlinko Race Exploit 260 Trusted Filenames 261 Nonunique Temp File Names Mitigation Strategies 262 Closing the Race Window 262 Eliminating the Race Object 266 Controlling Access to the Race Object 269 Race Detection Tools Summary 272 Chapter 8 Recommended Practices Secure Software Development Principles 277 Economy of Mechanism 278 Fail-Safe Defaults 278 Complete Mediation 278 Open Design 279 Separation of Privilege 279 Least Privilege 279 Least Common Mechanism 281 Psychological Acceptability Systems Quality Requirements Engineering Threat Modeling Use/Misuse Cases Architecture and Design Off-the-Shelf Software 288 Vulnerabilities in Existing Code 288 Secure Wrappers Compiler Checks Input Validation Data Sanitization 292 Black Listing 293 White Listing 294 Testing 294

8 xi 8.10 Static Analysis 295 Fortify 296 Prexis 297 Prevent 297 PREfix and PREfast Quality Assurance 298 Penetration Testing 299 Fuzz Testing 299 Code Audits 300 Developer Guidelines and Checklists 300 Independent Security Review Memory Permissions 302 W A X 302 PaX 303 Data Execution Prevention Defense in Depth TSP-Secure 304 Planning and Tracking 305 Quality Management Summary Further Reading 308 References 309 Acronyms 323 Index 329

Index. A Addition operations, Alcatraz, 272 alloca() function, 107

Index. A Addition operations, Alcatraz, 272 alloca() function, 107 Seacord_book.fm Page 329 Thursday, August 11, 2005 3:10 PM Index A Addition operations, 169 172 Alcatraz, 272 alloca() function, 107 The Annotated C++ Reference Manual, 16 ANSI C standard arguments, 205

More information

Quality Code. Software Testing Principles, Practices, and Patterns. Stephen Vance. AAddison-Wesley

Quality Code. Software Testing Principles, Practices, and Patterns. Stephen Vance. AAddison-Wesley Quality Code Software Testing Principles, Practices, and Patterns Stephen Vance AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid

More information

C and C++ Secure Coding 4-day course. Syllabus

C and C++ Secure Coding 4-day course. Syllabus C and C++ Secure Coding 4-day course Syllabus C and C++ Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted toward our systems. This course

More information

MariaDB Crash Course. A Addison-Wesley. Ben Forta. Upper Saddle River, NJ Boston. Indianapolis. Singapore Mexico City. Cape Town Sydney.

MariaDB Crash Course. A Addison-Wesley. Ben Forta. Upper Saddle River, NJ Boston. Indianapolis. Singapore Mexico City. Cape Town Sydney. MariaDB Crash Course Ben Forta A Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Cape Town Sydney Tokyo Singapore Mexico City

More information

Application Programming

Application Programming Multicore Application Programming For Windows, Linux, and Oracle Solaris Darryl Gove AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris

More information

SQL Queries. for. Mere Mortals. Third Edition. A Hands-On Guide to Data Manipulation in SQL. John L. Viescas Michael J. Hernandez

SQL Queries. for. Mere Mortals. Third Edition. A Hands-On Guide to Data Manipulation in SQL. John L. Viescas Michael J. Hernandez SQL Queries for Mere Mortals Third Edition A Hands-On Guide to Data Manipulation in SQL John L. Viescas Michael J. Hernandez r A TT TAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco

More information

Programming in Python 3

Programming in Python 3 Programming in Python 3 A Complete Introduction to the Python Language Mark Summerfield.4.Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich

More information

Cloud Computing and SOA Convergence in Your Enterprise

Cloud Computing and SOA Convergence in Your Enterprise Cloud Computing and SOA Convergence in Your Enterprise A Step-by-Step Guide David S. Lint hicum A Addison-Wesley Upper Saddle River, NT Boston Indianapolis San Francisco New York Toronto Montreal London

More information

Digital System Design with SystemVerilog

Digital System Design with SystemVerilog Digital System Design with SystemVerilog Mark Zwolinski AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney Tokyo

More information

Programming Guide. Aaftab Munshi Dan Ginsburg Dave Shreiner. TT r^addison-wesley

Programming Guide. Aaftab Munshi Dan Ginsburg Dave Shreiner. TT r^addison-wesley OpenGUES 2.0 Programming Guide Aaftab Munshi Dan Ginsburg Dave Shreiner TT r^addison-wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid

More information

PYTHON. p ykos vtawynivis. Second eciitiovl. CO Ve, WESLEY J. CHUN

PYTHON. p ykos vtawynivis. Second eciitiovl. CO Ve, WESLEY J. CHUN CO Ve, PYTHON p ykos vtawynivis Second eciitiovl WESLEY J. CHUN. PRENTICE HALL Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney

More information

Programming with POSIX Threads

Programming with POSIX Threads Programming with POSIX Threads David R. Butenhof :vaddison-wesley Boston San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sidney Tokyo Singapore Mexico City Contents List of

More information

Framework Design Guidelines

Framework Design Guidelines Framework Design Guidelines Conventions, Idioms, and Patterns for Reusable.NET Libraries Krzysztof Cwalina Brad Abrams Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto

More information

Essentials. Oracle Solaris Cluster. Tim Read. Upper Saddle River, NJ Boston Indianapolis San Francisco. Capetown Sydney Tokyo Singapore Mexico City

Essentials. Oracle Solaris Cluster. Tim Read. Upper Saddle River, NJ Boston Indianapolis San Francisco. Capetown Sydney Tokyo Singapore Mexico City Oracle Solaris Cluster Essentials Tim Read PRENTICE HALL Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney Tokyo Singapore Mexico

More information

Modern C++ Design. Generic Programming and Design Patterns Applied. Andrei Alexandrescu. AAddison-Wesley

Modern C++ Design. Generic Programming and Design Patterns Applied. Andrei Alexandrescu. AAddison-Wesley Modern C++ Design Generic Programming and Design Patterns Applied Andrei Alexandrescu f AAddison-Wesley Boston San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney Tokyo Singapore

More information

\ Smart Client 0" Deploymentwith v^ ClickOnce

\ Smart Client 0 Deploymentwith v^ ClickOnce \ Smart Client 0" Deploymentwith v^ ClickOnce Deploying Windows Forms Applications with ClickOnce Brian Noyes TT fr Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto

More information

ECLIPSE RICH CLIENT PLATFORM

ECLIPSE RICH CLIENT PLATFORM ECLIPSE RICH CLIENT PLATFORM DESIGNING, CODING, AND PACKAGING JAVA TM APPLICATIONS Jeff McAffer Jean-Michel Lemieux v:addison-wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto

More information

Modern C++ Design. Generic Programming and Design Patterns Applied. Andrei Alexandrescu. .~Addison-Wesley

Modern C++ Design. Generic Programming and Design Patterns Applied. Andrei Alexandrescu. .~Addison-Wesley Modern C++ Design Generic Programming and Design Patterns Applied Andrei Alexandrescu.~Addison-Wesley Boston " San Francisco " New York " Toronto " Montreal London " Munich " Paris " Madrid Capetown "

More information

Modern C++ Design. Generic Programming and Design Patterns Applied. Andrei Alexandrescu

Modern C++ Design. Generic Programming and Design Patterns Applied. Andrei Alexandrescu Modern C++ Design Generic Programming and Design Patterns Applied Andrei Alexandrescu ADDISON-WESLEY Boston San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney Tokyo Singapore

More information

The Unified Modeling Language User Guide

The Unified Modeling Language User Guide The Unified Modeling Language User Guide Grady Booch James Rumbaugh Ivar Jacobson Rational Software Corporation TT ADDISON-WESLEY Boston San Francisco New York Toronto Montreal London Munich Paris Madrid

More information

DB2 SQL Tuning Tips for z/os Developers

DB2 SQL Tuning Tips for z/os Developers DB2 SQL Tuning Tips for z/os Developers Tony Andrews IBM Press, Pearson pic Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Cape Town Sydney

More information

The Power of Events. An Introduction to Complex Event Processing in Distributed Enterprise Systems. David Luckham

The Power of Events. An Introduction to Complex Event Processing in Distributed Enterprise Systems. David Luckham The Power of Events An Introduction to Complex Event Processing in Distributed Enterprise Systems David Luckham AAddison-Wesley Boston San Francisco New York Toronto Montreal London Munich Paris Madrid

More information

CYSE 411/AIT681 Secure Software Engineering Topic #12. Secure Coding: Formatted Output

CYSE 411/AIT681 Secure Software Engineering Topic #12. Secure Coding: Formatted Output CYSE 411/AIT681 Secure Software Engineering Topic #12. Secure Coding: Formatted Output Instructor: Dr. Kun Sun 1 This lecture: [Seacord]: Chapter 6 Readings 2 Secure Coding String management Pointer Subterfuge

More information

2/9/18. CYSE 411/AIT681 Secure Software Engineering. Readings. Secure Coding. This lecture: String management Pointer Subterfuge

2/9/18. CYSE 411/AIT681 Secure Software Engineering. Readings. Secure Coding. This lecture: String management Pointer Subterfuge CYSE 411/AIT681 Secure Software Engineering Topic #12. Secure Coding: Formatted Output Instructor: Dr. Kun Sun 1 This lecture: [Seacord]: Chapter 6 Readings 2 String management Pointer Subterfuge Secure

More information

Systems:;-'./'--'.; r. Ramez Elmasri Department of Computer Science and Engineering The University of Texas at Arlington

Systems:;-'./'--'.; r. Ramez Elmasri Department of Computer Science and Engineering The University of Texas at Arlington Data base 7\,T"] Systems:;-'./'--'.; r Modelsj Languages, Design, and Application Programming Ramez Elmasri Department of Computer Science and Engineering The University of Texas at Arlington Shamkant

More information

Programming. Principles and Practice Using C++ Bjarne Stroustrup. / Addison-Wesley. Second Edition

Programming. Principles and Practice Using C++ Bjarne Stroustrup. / Addison-Wesley. Second Edition Programming Principles and Practice Using C++ Second Edition Bjarne Stroustrup / Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid

More information

Rails AntiPatterns. Chad Pytel. Best Practice Ruby on Rails Refactoring. Tammer Saleh. AAddison-Wesley

Rails AntiPatterns. Chad Pytel. Best Practice Ruby on Rails Refactoring. Tammer Saleh. AAddison-Wesley Rails AntiPatterns Best Practice Ruby on Rails Refactoring Chad Pytel Tammer Saleh AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich * Paris

More information

Buffer Overflow Defenses

Buffer Overflow Defenses Buffer Overflow Defenses Some examples, pros, and cons of various defenses against buffer overflows. Caveats: 1. Not intended to be a complete list of products that defend against buffer overflows. 2.

More information

Embedded/Connected Device Secure Coding. 4-Day Course Syllabus

Embedded/Connected Device Secure Coding. 4-Day Course Syllabus Embedded/Connected Device Secure Coding 4-Day Course Syllabus Embedded/Connected Device Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted

More information

Fit for Developing Software

Fit for Developing Software Fit for Developing Software Framework for Integrated Tests Rick Mugridge Ward Cunningham 04) PRENTICE HALL Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich

More information

Refactoring HTML. Improving the Design of Existing Web Applications. Elliotte Rusty Harold. TT rvaddison-wesley

Refactoring HTML. Improving the Design of Existing Web Applications. Elliotte Rusty Harold. TT rvaddison-wesley Refactoring HTML Improving the Design of Existing Web Applications Elliotte Rusty Harold TT rvaddison-wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich

More information

Buffer overflow prevention, and other attacks

Buffer overflow prevention, and other attacks Buffer prevention, and other attacks Comp Sci 3600 Security Outline 1 2 Two approaches to buffer defense Aim to harden programs to resist attacks in new programs Run time Aim to detect and abort attacks

More information

Database Concepts. David M. Kroenke UNIVERSITATSBIBLIOTHEK HANNOVER

Database Concepts. David M. Kroenke UNIVERSITATSBIBLIOTHEK HANNOVER Database Concepts Fifth Edition David M. Kroenke David J. Auer ^111 I ii i.111 111 n.n jiiim^ TECHNISCHE INFORMATIOMSBiBLIOTHEK UNIVERSITATSBIBLIOTHEK HANNOVER j TIB/UB Hannover Prentice Hall Boston Columbus

More information

JAVASCRIPT FOR PROGRAMMERS

JAVASCRIPT FOR PROGRAMMERS JAVASCRIPT FOR PROGRAMMERS DEITEL DEVELOPER SERIES Paul J. Deitel Deitel & Associates, Inc. Harvey M. Deitel Deitel & Associates, Inc. PRENTICE HALL Upper Saddle River, NJ Boston Indianapolis San Francisco

More information

Programming. In Ada JOHN BARNES TT ADDISON-WESLEY

Programming. In Ada JOHN BARNES TT ADDISON-WESLEY Programming In Ada 2005 JOHN BARNES... TT ADDISON-WESLEY An imprint of Pearson Education Harlow, England London New York Boston San Francisco Toronto Sydney Tokyo Singapore Hong Kong Seoul Taipei New Delhi

More information

CNIT 127: Exploit Development. Ch 18: Source Code Auditing. Updated

CNIT 127: Exploit Development. Ch 18: Source Code Auditing. Updated CNIT 127: Exploit Development Ch 18: Source Code Auditing Updated 4-10-17 Why Audit Source Code? Best way to discover vulnerabilities Can be done with just source code and grep Specialized tools make it

More information

The Java Tutorial. A Short Course on the Basics. Raymond Gallardo. Sowmya Kannan. AAddison-Wesley. Sharon Biocca Zakhour.

The Java Tutorial. A Short Course on the Basics. Raymond Gallardo. Sowmya Kannan. AAddison-Wesley. Sharon Biocca Zakhour. The Java Tutorial A Short Course on the Basics Fifth Edition Sharon Biocca Zakhour Sowmya Kannan Raymond Gallardo AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto

More information

Buffer overflow background

Buffer overflow background and heap buffer background Comp Sci 3600 Security Heap Outline and heap buffer Heap 1 and heap 2 3 buffer 4 5 Heap Outline and heap buffer Heap 1 and heap 2 3 buffer 4 5 Heap Address Space and heap buffer

More information

Essentials of Database Management

Essentials of Database Management Essentials of Database Management Jeffrey A. Hoffer University of Dayton Heikki Topi Bentley University V. Ramesh Indiana University PEARSON Boston Columbus Indianapolis New York San Francisco Upper Saddle

More information

CLASSIC DATA STRUCTURES IN JAVA

CLASSIC DATA STRUCTURES IN JAVA CLASSIC DATA STRUCTURES IN JAVA Timothy Budd Oregon State University Boston San Francisco New York London Toronto Sydney Tokyo Singapore Madrid Mexico City Munich Paris Cape Town Hong Kong Montreal CONTENTS

More information

Programming Wireless Devices with the Java 2 Platform, Micro Edition

Programming Wireless Devices with the Java 2 Platform, Micro Edition Programming Wireless Devices with the Java 2 Platform, Micro Edition J2ME Connected Limited Device Configuration (CLDC) Mobile Information Device Profile (MIDP) Roger Riggs Antero Taivalsaari Mark VandenBrink

More information

Real-Time Systems and Programming Languages

Real-Time Systems and Programming Languages Real-Time Systems and Programming Languages Ada, Real-Time Java and C/Real-Time POSIX Fourth Edition Alan Burns and Andy Wellings University of York * ADDISON-WESLEY An imprint of Pearson Education Harlow,

More information

Module: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security

Module: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security CSE543 - Introduction to Computer and Network Security Module: Program Vulnerabilities Professor Trent Jaeger 1 Programming Why do we write programs? Function What functions do we enable via our programs?

More information

FUNDAMENTALS OF. Database S wctpmc. Shamkant B. Navathe College of Computing Georgia Institute of Technology. Addison-Wesley

FUNDAMENTALS OF. Database S wctpmc. Shamkant B. Navathe College of Computing Georgia Institute of Technology. Addison-Wesley FUNDAMENTALS OF Database S wctpmc SIXTH EDITION Ramez Elmasri Department of Computer Science and Engineering The University of Texas at Arlington Shamkant B. Navathe College of Computing Georgia Institute

More information

CNIT 127: Exploit Development. Ch 14: Protection Mechanisms. Updated

CNIT 127: Exploit Development. Ch 14: Protection Mechanisms. Updated CNIT 127: Exploit Development Ch 14: Protection Mechanisms Updated 3-25-17 Topics Non-Executable Stack W^X (Either Writable or Executable Memory) Stack Data Protection Canaries Ideal Stack Layout AAAS:

More information

THE AVR MICROCONTROLLER AND EMBEDDED SYSTEMS. Using Assembly and С

THE AVR MICROCONTROLLER AND EMBEDDED SYSTEMS. Using Assembly and С THE AVR MICROCONTROLLER AND EMBEDDED SYSTEMS Using Assembly and С Muhammad AH Mazidi Sarmad Naimi Sepehr Naimi Prentice Hall Boston Columbus Indianapolis New York San Francisco Upper Saddle River Amsterdam

More information

OpenGL SUPERBIBLE. Fifth Edition. Comprehensive Tutorial and Reference. Richard S. Wright, Jr. Nicholas Haemel Graham Sellers Benjamin Lipchak

OpenGL SUPERBIBLE. Fifth Edition. Comprehensive Tutorial and Reference. Richard S. Wright, Jr. Nicholas Haemel Graham Sellers Benjamin Lipchak OpenGL SUPERBIBLE Fifth Edition Comprehensive Tutorial and Reference Richard S. Wright, Jr. Nicholas Haemel Graham Sellers Benjamin Lipchak AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San

More information

Hunting Security Bugs

Hunting Security Bugs Microsoft Hunting Security Bugs * Tom Gallagher Bryan Jeffries Lawrence Landauer Contents at a Glance 1 General Approach to Security Testing 1 2 Using Threat Models for Security Testing 11 3 Finding Entry

More information

Developer's HTML5. Cookbook. AAddison-Wesley. Chuck Hudson. Tom Leadbetter. Upper Saddle River, NJ Boston Indianapolis San Francisco

Developer's HTML5. Cookbook. AAddison-Wesley. Chuck Hudson. Tom Leadbetter. Upper Saddle River, NJ Boston Indianapolis San Francisco HTML5 Developer's Cookbook Chuck Hudson Tom Leadbetter AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney Tokyo

More information

Domain-Specific. Languages. Martin Fowler. AAddison-Wesley. Sydney Tokyo. With Rebecca Parsons

Domain-Specific. Languages. Martin Fowler. AAddison-Wesley. Sydney Tokyo. With Rebecca Parsons Domain-Specific Languages Martin Fowler With Rebecca Parsons AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Sydney Tokyo Singapore

More information

Core Java Volume Ii Advanced Features 10th Edition

Core Java Volume Ii Advanced Features 10th Edition We have made it easy for you to find a PDF Ebooks without any digging. And by having access to our ebooks online or by storing it on your computer, you have convenient answers with core java volume ii

More information

CERT Secure Coding Initiative. Define security requirements. Model Threats 11/30/2010

CERT Secure Coding Initiative. Define security requirements. Model Threats 11/30/2010 Secure Coding Practices COMP620 CERT Secure Coding Initiative Works with software developers and software development organizations to reduce vulnerabilities resulting from coding errors Many of the slides

More information

Module: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security

Module: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security CSE543 - Introduction to Computer and Network Security Module: Program Vulnerabilities Professor Trent Jaeger 1 Programming Why do we write programs? Function What functions do we enable via our programs?

More information

Virtualization from the Trenches

Virtualization from the Trenches ps i: (; v s s o r t w v h \i mioour: TECH KIS CHE INFORM AT 8LIOTHEK UNIVERSITATSBiCLIOTHEK HANNOVER

More information

Computers as Components Principles of Embedded Computing System Design

Computers as Components Principles of Embedded Computing System Design Computers as Components Principles of Embedded Computing System Design Third Edition Marilyn Wolf ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY

More information

Stack Vulnerabilities. CS4379/5375 System Security Assurance Dr. Jaime C. Acosta

Stack Vulnerabilities. CS4379/5375 System Security Assurance Dr. Jaime C. Acosta 1 Stack Vulnerabilities CS4379/5375 System Security Assurance Dr. Jaime C. Acosta Part 1 2 3 An Old, yet Still Valid Vulnerability Buffer/Stack Overflow ESP Unknown Data (unused) Unknown Data (unused)

More information

Coding for Penetration

Coding for Penetration Coding for Penetration Testers Building Better Tools Jason Andress Ryan Linn ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Syngress is

More information

Fundamentals of. Database Systems. Shamkant B. Navathe. College of Computing Georgia Institute of Technology PEARSON.

Fundamentals of. Database Systems. Shamkant B. Navathe. College of Computing Georgia Institute of Technology PEARSON. Fundamentals of Database Systems 5th Edition Ramez Elmasri Department of Computer Science and Engineering The University of Texas at Arlington Shamkant B. Navathe College of Computing Georgia Institute

More information

Integrated Approach. Operating Systems COMPUTER SYSTEMS. LEAHY, Jr. Georgia Institute of Technology. Umakishore RAMACHANDRAN. William D.

Integrated Approach. Operating Systems COMPUTER SYSTEMS. LEAHY, Jr. Georgia Institute of Technology. Umakishore RAMACHANDRAN. William D. COMPUTER SYSTEMS An and Integrated Approach f Architecture Operating Systems Umakishore RAMACHANDRAN Georgia Institute of Technology William D. LEAHY, Jr. Georgia Institute of Technology PEARSON Boston

More information

Managed. Code Rootkits. Hooking. into Runtime. Environments. Erez Metula ELSEVIER. Syngress is an imprint of Elsevier SYNGRESS

Managed. Code Rootkits. Hooking. into Runtime. Environments. Erez Metula ELSEVIER. Syngress is an imprint of Elsevier SYNGRESS Managed Code Rootkits Hooking into Runtime Environments Erez Metula ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEWYORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Syngress is an imprint

More information

Software Security: Buffer Overflow Defenses

Software Security: Buffer Overflow Defenses CSE 484 / CSE M 584: Computer Security and Privacy Software Security: Buffer Overflow Defenses Fall 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin,

More information

Module: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security

Module: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security CSE543 - Introduction to Computer and Network Security Module: Program Vulnerabilities Professor Trent Jaeger 1 1 Programming Why do we write programs? Function What functions do we enable via our programs?

More information

Buffer Overflows. A brief Introduction to the detection and prevention of buffer overflows for intermediate programmers.

Buffer Overflows. A brief Introduction to the detection and prevention of buffer overflows for intermediate programmers. Buffer Overflows A brief Introduction to the detection and prevention of buffer overflows for intermediate programmers. By: Brian Roberts What is a buffer overflow? In languages that deal with data structures

More information

IPHONE FOR PROGRAMMERS: AN APP-DRIVEN APPROACH

IPHONE FOR PROGRAMMERS: AN APP-DRIVEN APPROACH IPHONE FOR PROGRAMMERS AN APP-DRIVEN APPROACH DEITEL DEVELOPER SERIES Paul Deitel Harvey Deitel Abbey Deitel Eric Kern Michael Morgano All of Deitel & Associates, Inc. I '..'.' I; ' ' '. '... '. ".. '

More information

Copyright 2015 MathEmbedded Ltd.r. Finding security vulnerabilities by fuzzing and dynamic code analysis

Copyright 2015 MathEmbedded Ltd.r. Finding security vulnerabilities by fuzzing and dynamic code analysis Finding security vulnerabilities by fuzzing and dynamic code analysis Security Vulnerabilities Top code security vulnerabilities don t change much: Security Vulnerabilities Top code security vulnerabilities

More information

CIT 380: Securing Computer Systems. Software Security

CIT 380: Securing Computer Systems. Software Security CIT 380: Securing Computer Systems Software Security Topics 1. The problem of software security 2. System security standards 3. Secure lifecycle 4. Buffer overflows 5. Integer overflows 6. Format string

More information

LATEX. Leslie Lamport. Digital Equipment Corporation. Illustrations by Duane Bibby. v ADDISON-WESLEY

LATEX. Leslie Lamport. Digital Equipment Corporation. Illustrations by Duane Bibby. v ADDISON-WESLEY LATEX A Document Preparation System User's Guide and Reference Manual Leslie Lamport Digital Equipment Corporation Illustrations by Duane Bibby v ADDISON-WESLEY Boston San Francisco New York Toronto Montreal

More information

Prelude to Programming

Prelude to Programming GLOBAL EDITION Prelude to Programming Concepts and Design SIXTH EDITION Stewart Venit Elizabeth Drake Prelude toprogramming Sixth Edition Global Edition Concepts and Design Stewart Venit Elizabeth Drake

More information

COMP3441 Lecture 7: Software Vulnerabilities

COMP3441 Lecture 7: Software Vulnerabilities COMP3441 Lecture 7: Software Vulnerabilities Ron van der Meyden (University of New South Wales Sydney, Australia) April 22, 2013 Overview Buffer overflow attacks SQL injection attacks Defensive measures

More information

Opengl Programming On Mac Os X Architecture Performance

Opengl Programming On Mac Os X Architecture Performance Opengl Programming On Mac Os X Architecture Performance We have made it easy for you to find a PDF Ebooks without any digging. And by having access to our ebooks online or by storing it on your computer,

More information

Secure Coding in C and C++ Dynamic Memory Management Lecture 5 Jan 29, 2013

Secure Coding in C and C++ Dynamic Memory Management Lecture 5 Jan 29, 2013 Secure Coding in C and C++ Dynamic Memory Management Lecture 5 Jan 29, 2013 Acknowledgement: These slides are based on author Seacord s original presentation Issues Dynamic Memory Management Common Dynamic

More information

Secure Coding in C and C++

Secure Coding in C and C++ Secure Coding in C and C++ Dynamic Memory Management Lecture 5 Sept 21, 2017 Acknowledgement: These slides are based on author Seacord s original presentation Issues Dynamic Memory Management Common Dynamic

More information

DATABASE SYSTEM CONCEPTS

DATABASE SYSTEM CONCEPTS DATABASE SYSTEM CONCEPTS HENRY F. KORTH ABRAHAM SILBERSCHATZ University of Texas at Austin McGraw-Hill, Inc. New York St. Louis San Francisco Auckland Bogota Caracas Lisbon London Madrid Mexico Milan Montreal

More information

ECLIPSE MODELING PROJECT

ECLIPSE MODELING PROJECT ECLIPSE MODELING PROJECT A Domain-Specific Language Toolkit Richard С. Gronback AAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Pans Madrid

More information

Lecture 4 September Required reading materials for this class

Lecture 4 September Required reading materials for this class EECS 261: Computer Security Fall 2007 Lecture 4 September 6 Lecturer: David Wagner Scribe: DK Moon 4.1 Required reading materials for this class Beyond Stack Smashing: Recent Advances in Exploiting Buffer

More information

Developing Secure Software!

Developing Secure Software! T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A! Developing Secure Software! Copyright 2004-2007 Konstantin Beznosov 2! Vulnerability Report Statistics Outline!!! Why developing secure software

More information

Software Security: Buffer Overflow Attacks

Software Security: Buffer Overflow Attacks CSE 484 / CSE M 584: Computer Security and Privacy Software Security: Buffer Overflow Attacks (continued) Autumn 2018 Tadayoshi (Yoshi) Kohno yoshi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann,

More information

Agenda. Dynamic Memory Management. Robert C. Seacord. Secure Coding in C and C++

Agenda. Dynamic Memory Management. Robert C. Seacord. Secure Coding in C and C++ Dynamic Memory Management Secure Coding in C and C++ Robert C. Seacord CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 The CERT Coordination

More information

Secure Programming I. Steven M. Bellovin September 28,

Secure Programming I. Steven M. Bellovin September 28, Secure Programming I Steven M. Bellovin September 28, 2014 1 If our software is buggy, what does that say about its security? Robert H. Morris Steven M. Bellovin September 28, 2014 2 The Heart of the Problem

More information

PROBLEM SOLVING USING JAVA WITH DATA STRUCTURES. A Multimedia Approach. Mark Guzdial and Barbara Ericson PEARSON. College of Computing

PROBLEM SOLVING USING JAVA WITH DATA STRUCTURES. A Multimedia Approach. Mark Guzdial and Barbara Ericson PEARSON. College of Computing PROBLEM SOLVING WITH DATA STRUCTURES USING JAVA A Multimedia Approach Mark Guzdial and Barbara Ericson College of Computing Georgia Institute of Technology PEARSON Boston Columbus Indianapolis New York

More information

Anany Levitin 3RD EDITION. Arup Kumar Bhattacharjee. mmmmm Analysis of Algorithms. Soumen Mukherjee. Introduction to TllG DCSISFI &

Anany Levitin 3RD EDITION. Arup Kumar Bhattacharjee. mmmmm Analysis of Algorithms. Soumen Mukherjee. Introduction to TllG DCSISFI & Introduction to TllG DCSISFI & mmmmm Analysis of Algorithms 3RD EDITION Anany Levitin Villa nova University International Edition contributions by Soumen Mukherjee RCC Institute of Information Technology

More information

Black Hat Webcast Series. C/C++ AppSec in 2014

Black Hat Webcast Series. C/C++ AppSec in 2014 Black Hat Webcast Series C/C++ AppSec in 2014 Who Am I Chris Rohlf Leaf SR (Security Research) - Founder / Consultant BlackHat Speaker { 2009, 2011, 2012 } BlackHat Review Board Member http://leafsr.com

More information

Secure Coding In C And C Sei Series In Software Engineering

Secure Coding In C And C Sei Series In Software Engineering Secure Coding In C And C Sei Series In Software Engineering We have made it easy for you to find a PDF Ebooks without any digging. And by having access to our ebooks online or by storing it on your computer,

More information

Beyond Stack Smashing: Recent Advances in Exploiting. Jonathan Pincus(MSR) and Brandon Baker (MS)

Beyond Stack Smashing: Recent Advances in Exploiting. Jonathan Pincus(MSR) and Brandon Baker (MS) Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overruns Jonathan Pincus(MSR) and Brandon Baker (MS) Buffer Overflows and How they Occur Buffer is a contiguous segment of memory of a fixed

More information

Stack Overflow. Faculty Workshop on Cyber Security May 23, 2012

Stack Overflow. Faculty Workshop on Cyber Security May 23, 2012 Stack Overflow Faculty Workshop on Cyber Security May 23, 2012 Goals Learn to hack into computer systems using buffer overflow Steal sensitive data Crash computer programs Lay waste to systems throughout

More information

C for Electronic Engineering

C for Electronic Engineering C for Electronic Engineering with applied software engineering William Buchanan Prentice Hall London New York Toronto Sydney Tokyo Singapore Madrid Mexico City Munich CONTENTS PREFACE 1 INTRODUCTION 1.1

More information

Buffer Overflow Attacks

Buffer Overflow Attacks Buffer Overflow Attacks 1. Smashing the Stack 2. Other Buffer Overflow Attacks 3. Work on Preventing Buffer Overflow Attacks Smashing the Stack An Evil Function void func(char* inp){ } char buffer[16];

More information

Oracle Real Application Clusters Handbook

Oracle Real Application Clusters Handbook ORACLE Oracle Press Oracle Database 11 g Oracle Real Application Clusters Handbook Second Edition K Copalakrishnan Mc Gnaw Hill McGraw-Hill New York Chicago San Francisco Lisbon London Madrid Mexico City

More information

World Wide Web PROGRAMMING THE PEARSON EIGHTH EDITION. University of Colorado at Colorado Springs

World Wide Web PROGRAMMING THE PEARSON EIGHTH EDITION. University of Colorado at Colorado Springs PROGRAMMING THE World Wide Web EIGHTH EDITION ROBERT W. SEBESTA University of Colorado at Colorado Springs PEARSON Boston Columbus Indianapolis New York San Francisco Upper Saddle River Amsterdam Cape

More information

Outline. Classic races: files in /tmp. Race conditions. TOCTTOU example. TOCTTOU gaps. Vulnerabilities in OS interaction

Outline. Classic races: files in /tmp. Race conditions. TOCTTOU example. TOCTTOU gaps. Vulnerabilities in OS interaction Outline CSci 5271 Introduction to Computer Security Day 3: Low-level vulnerabilities Stephen McCamant University of Minnesota, Computer Science & Engineering Race conditions Classic races: files in /tmp

More information

CJT^jL rafting Cm ompiler

CJT^jL rafting Cm ompiler CJT^jL rafting Cm ompiler ij CHARLES N. FISCHER Computer Sciences University of Wisconsin Madison RON K. CYTRON Computer Science and Engineering Washington University RICHARD J. LeBLANC, Jr. Computer Science

More information

Networking. Second Edition. Jeffrey S. Beasley. New Mexico State University

Networking. Second Edition. Jeffrey S. Beasley. New Mexico State University Networking Second Edition Jeffrey S. Beasley New Mexico State University PRENTICE HALL An Imprint of Pearson Education Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal

More information

CS 161 Computer Security

CS 161 Computer Security Paxson Spring 2017 CS 161 Computer Security Discussion 2 Question 1 Software Vulnerabilities (15 min) For the following code, assume an attacker can control the value of basket passed into eval basket.

More information

Simple Overflow. #include <stdio.h> int main(void){ unsigned int num = 0xffffffff;

Simple Overflow. #include <stdio.h> int main(void){ unsigned int num = 0xffffffff; Simple Overflow 1 #include int main(void){ unsigned int num = 0xffffffff; printf("num is %d bits long\n", sizeof(num) * 8); printf("num = 0x%x\n", num); printf("num + 1 = 0x%x\n", num + 1); }

More information

Lecture 1: Buffer Overflows

Lecture 1: Buffer Overflows CS5431 Computer Security Practicum Spring 2017 January 27, 2017 1 Conficker Lecture 1: Buffer Overflows Instructor: Eleanor Birrell In November 2008, a new piece of malware was observed in the wild. This

More information

CIT 480: Securing Computer Systems. Software Security

CIT 480: Securing Computer Systems. Software Security CIT 480: Securing Computer Systems Software Security Topics 1. The problem of software security 2. System security standards 3. Secure lifecycle 4. Buffer overflows 5. Integer overflows 6. Format string

More information

12 th January MWR InfoSecurity Security Advisory. WebSphere MQ xcsgetmem Heap Overflow Vulnerability. Contents

12 th January MWR InfoSecurity Security Advisory. WebSphere MQ xcsgetmem Heap Overflow Vulnerability. Contents Contents MWR InfoSecurity Security Advisory WebSphere MQ xcsgetmem Heap Overflow Vulnerability 12 th January 2009 2009-01-05 Page 1 of 9 Contents Contents 1 Detailed Vulnerability Description...5 1.1 Introduction...5

More information

Developing Secure Software. Vulnerability Report Statistics

Developing Secure Software. Vulnerability Report Statistics T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Developing Secure Software Copyright 2004-2007 Konstantin Beznosov Vulnerability Report Statistics 2 Session 11: Policies 1 Outline Why developing

More information

2/9/18. Secure Coding. CYSE 411/AIT681 Secure Software Engineering. Agenda. Dynamic Memory Interface. Dynamic Memory Interface

2/9/18. Secure Coding. CYSE 411/AIT681 Secure Software Engineering. Agenda. Dynamic Memory Interface. Dynamic Memory Interface Secure Coding CYSE 411/AIT681 Secure Software Engineering Topic #9. Secure Coding: Dynamic Memory Instructor: Dr. Kun Sun String management Pointer Subterfuge Dynamic memory management Integer security

More information

CMPSC 497 Buffer Overflow Vulnerabilities

CMPSC 497 Buffer Overflow Vulnerabilities Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA CMPSC 497 Buffer Overflow

More information