
Where on internet can we learn Secure Programming in c/c++ [closed]

Tags: c++, c, security

I am starting to learn everything about security and secure programming.

I have always heard about things like buffer overflow vulnerability.

But I don't know yet how such vulnerabilities are exploited. And how can we program securely enough to make sure that our code is robust.

When I say all this, my programming languages of interest are c and c++.

  1. I am looking for free tutorials, and resources on the internet where I can learn every ins-n-out of secure programming.

  2. Platform specific tips are also welcome. For example, I know that in Windows programming we can use functions like "memmove_s" to have secure code. But what are the equivalents in Linux/Unix? Or is it the same there?

  3. Should a c/c++ programmer worry about specially crafted formatted strings (like the very popular old PHP formatted strings vulnerability)?

A lot of questions here, but the general idea is that I mean to learn Secure Programming.

Thanks for every bit of help.

asked Jul 19 '10 17:07

bits



4 Answers

Check out CERT C Secure Coding Standard & CERT C++ Secure Coding Standard.

answered Sep 30 '22 20:09

Eugen Constantin Dinca


I'll throw a couple out there and make this community wiki:

  1. Never, ever, ever use gets.

  2. Don't assume a string is null terminated unless you really really know that it is.

  3. Never just declare a large fixed-size buffer and just assume it'll be "big enough" for what you are doing.

answered Sep 30 '22 20:09

Eric Petroelje


  1. Assertions, assertions, assertions. If there's even the theoretical possibility that something might not be correct, go ahead and assert that it is. If something is not quite how you expected it, you want your program to die immediately and spectacularly. Make sure your assertions will not be optimized away.

  2. Be very careful with buffers. There are some functions (e.g. gets) that write into a buffer without knowing how big it is. Do not use these functions. Always check your buffer sizes right where you need them rather than relying on precomputed values.

  3. Always check return codes. If you cannot do anything meaningful on an error (e.g. malloc), then assert success, or better, write a wrapper function that asserts success so that it cannot possibly return an error value and never use the original. To be extra-paranoid, have your compiler emit a warning if you implicitly ignore a return value.

  4. Treat any data entering the program as a possible malicious attack, because it is. This includes configuration files as well as user input.

  5. "Premature optimization is the root of all evil". First make it right. Don't even think about making it faster unless a) you absolutely have to and b) you have profiled the code and know precisely what your bottlenecks are.

  6. Have someone else check your code.

These are only a handful of starting points. Writing secure code is hard.

answered Oct 01 '22 20:10

Thom Smith
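
An added example, not part of any answer on this page: a C sketch of the buffer, termination and return-code advice in the two answers above. The names `CHECK`, `xmalloc`, `read_line` and `dup_field` are hypothetical helpers written for this illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper names (CHECK, xmalloc, read_line, dup_field).
 * CHECK is always on: unlike assert(), it is not compiled out by -DNDEBUG. */
#define CHECK(cond) do { if (!(cond)) { \
    fprintf(stderr, "%s:%d: check failed: %s\n", __FILE__, __LINE__, #cond); \
    abort(); } } while (0)

/* malloc wrapper that never returns NULL, so no caller can skip the check. */
void *xmalloc(size_t n) {
    void *p = malloc(n ? n : 1);
    CHECK(p != NULL);
    return p;
}

/* gets() replacement: reads one line into buf, which holds size bytes.
 * Returns the length, -1 on EOF/error, or -2 if the line did not fit;
 * an over-long line is discarded and never written past buf. */
long read_line(FILE *in, char *buf, size_t size) {
    CHECK(buf != NULL && size >= 2 && size <= (size_t)INT_MAX);
    if (fgets(buf, (int)size, in) == NULL) return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') { buf[--len] = '\0'; return (long)len; }
    int c, extra = 0;              /* no newline stored: buffer full or EOF */
    while ((c = getc(in)) != EOF && c != '\n') extra = 1;
    return extra ? -2 : (long)len;
}

/* Copies a field of at most src_max bytes that may lack a terminating NUL.
 * Returns a new NUL-terminated string, or NULL if longer than limit. */
char *dup_field(const char *src, size_t src_max, size_t limit) {
    const char *nul = memchr(src, '\0', src_max);
    size_t len = nul ? (size_t)(nul - src) : src_max;
    if (len > limit) return NULL;
    char *out = xmalloc(len + 1);
    memcpy(out, src, len);
    out[len] = '\0';
    return out;
}

int main(void) {
    char line[16];                 /* deliberately small */
    long n;
    while ((n = read_line(stdin, line, sizeof line)) != -1)
        puts(n == -2 ? "(line too long, rejected)" : line);
    return 0;
}
```

Rejecting an over-long line, rather than silently truncating it, keeps the caller from acting on partial input.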


Secure programming encompasses practices that reduce the chance of misuse by code maintainers themselves.

Here's my two cents -- Avoid using pointers where you can. In my opinion, a pointer should be used only when a NULL value has a special meaning. This principle carries over to several coding idioms:

  • Use STL vectors instead of arrays
  • Use pass-by-reference/pass-by-value when passing basic types to a function
  • Use pass-by-const-reference when passing user-defined types to a function. This is as efficient as passing a pointer.

The bottom line is, if there are pointers involved, there's a good chance they will be misused by someone who will eventually inherit the code.

answered Sep 29 '22 20:09

f64 rainbow