Redemption Steps

The first step is to never pass user input directly to a formatting function, and to be sure to do this at every level of handling formatted output. As an additional note, the formatting functions have significant overhead. Look at the source for _output if you're interested; it might be convenient to write:

 fprintf(stdout, buf);   /* buf is user-controlled and used as the format string */

The preceding line of code isn't just dangerous; it also consumes a lot of extra CPU cycles.

The second step to take is to ensure that the format strings your application uses are only read from trusted places, and that the paths to the strings cannot be controlled by the attacker. If you're writing code for UNIX and Linux, following the example of the BSD variants and ignoring the NLSPATH variable, which can be used to specify the file used for localized messages, may provide some defense in depth.

C/C++ Redemption

There isn't much more to it than this:

 printf("%s", user_input); 
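The two redemption steps applied one layer up, as an added example that is not the book's code: a logging wrapper whose format stays a compile-time literal (the `format` attribute lets GCC/Clang flag a non-literal format when built with `-Wformat-security`), untrusted text that only ever travels as a `%s` argument, and a check for format strings loaded from a message catalog that accepts only the conversions the caller expects. The function names and the allowed-conversion policy are this example's own assumptions.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Wrapper over vsnprintf. The attribute tells the compiler argument 3 is a
 * printf-style format, so a bug cannot hide inside the wrapper layer. */
__attribute__((format(printf, 3, 4)))
static int log_msg(char *out, size_t outsz, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outsz, fmt, ap);
    va_end(ap);
    return n;
}

/* Hardened handling of untrusted text: it is only ever a %s argument,
 * so "%x%x%n" in the input is copied literally, never interpreted. */
int render_user_message(char *out, size_t outsz, const char *user_input)
{
    return log_msg(out, outsz, "user said: %s", user_input);
}

/* Sanity check for a format string read from a catalog file: every conversion
 * must be in 'allowed' (e.g. "sd"), and %n is never accepted since it writes
 * to memory. Returns 1 if acceptable, 0 otherwise. */
int format_string_is_acceptable(const char *fmt, const char *allowed)
{
    for (const char *p = fmt; *p; p++) {
        if (*p != '%') continue;
        p++;
        if (*p == '%') continue;                 /* literal percent sign */
        while (*p && strchr("-+ #0123456789.lhzjt", *p))
            p++;                                 /* flags, width, precision, length */
        if (*p == '\0' || *p == 'n' || !strchr(allowed, *p))
            return 0;
    }
    return 1;
}

int main(void)
{
    char buf[128];
    render_user_message(buf, sizeof buf, "%x%x%n");   /* constructed hostile input */
    puts(buf);                                        /* prints: user said: %x%x%n */
    printf("%d\n", format_string_is_acceptable("Hello %s, you have %d mail\n", "sd"));
    return 0;
}
```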


19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
Writing Secure Code
Year: 2003
Pages: 239
