Spotting the Sin During Code Review

In C/C++, look for functions from the printf family. Problems to look for are calls where the untrusted string itself is passed as the format argument:

 printf(user_input);
 fprintf(STDOUT, user_input);

If you see a function that looks like this:

 fprintf(STDOUT, msg_format, arg1, arg2); 

then you need to verify where the string referenced by msg_format is stored and how well it is protected.

There are many other system calls and APIs that are also vulnerable; syslog is one example. Any time you see a function definition that includes an ellipsis (...) in the argument list, you're looking at something that is likely to be a problem.

Many source code scanners, even the lexical ones like RATS and flawfinder, can detect this. There's even PScan (www.striker.ottawa.on.ca/~aland/pscan/), which was designed specifically for this.
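As an added example (not code from the book or from any of the scanners it names), the following C program shows the kind of lexical check those tools perform, applied to the two patterns above: it flags a one-line call to a printf-family function (or syslog) whose format argument is not a string literal, and it pairs that with the hardened form of the call, where the format is a constant and the user data is only a "%s" argument. The function table, the argument positions and the sample source lines are constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* printf-family functions (plus syslog) and the 1-based position of their
 * format argument. Constructed table for this example; extend as needed. */
struct fmt_fn { const char *name; int fmt_pos; };
static const struct fmt_fn FMT_FNS[] = {
    { "printf",   1 }, { "fprintf",  2 }, { "sprintf",  2 },
    { "snprintf", 3 }, { "syslog",   2 }, { "vprintf",  1 },
    { NULL, 0 }
};

/* Advance p (just past the opening parenthesis) to the start of argument
 * number `pos`. Skips nested parentheses and string literals well enough
 * for a single-line call; returns NULL if that argument is missing. */
static const char *nth_argument(const char *p, int pos)
{
    int depth = 0, arg = 1;
    while (isspace((unsigned char)*p)) p++;
    while (*p && arg < pos) {
        if (*p == '"') {                      /* skip a string literal */
            p++;
            while (*p && *p != '"') {
                if (*p == '\\' && p[1]) p++;  /* skip escaped character */
                p++;
            }
            if (!*p) return NULL;
        } else if (*p == '(') {
            depth++;
        } else if (*p == ')') {
            if (depth == 0) return NULL;
            depth--;
        } else if (*p == ',' && depth == 0) {
            arg++;
            p++;
            while (isspace((unsigned char)*p)) p++;
            continue;
        }
        p++;
    }
    return (*p && *p != ')') ? p : NULL;
}

/* Returns the name of the flagged function if `line` contains a call to a
 * printf-family function whose format argument is not a string literal
 * (a variable, macro or expression), otherwise NULL. A non-literal format
 * is what the reviewer must trace back to its origin. */
const char *flag_format_call(const char *line)
{
    for (const struct fmt_fn *f = FMT_FNS; f->name; f++) {
        size_t len = strlen(f->name);
        const char *hit = line;
        while ((hit = strstr(hit, f->name)) != NULL) {
            /* Require a whole identifier followed by '(' so that "printf"
             * inside "snprintf" or "printf_calls" does not match. */
            int boundary_ok = (hit == line ||
                !(isalnum((unsigned char)hit[-1]) || hit[-1] == '_'));
            const char *after = hit + len;
            while (isspace((unsigned char)*after)) after++;
            if (boundary_ok && *after == '(') {
                const char *arg = nth_argument(after + 1, f->fmt_pos);
                if (arg != NULL && *arg != '"') return f->name;
            }
            hit += len;
        }
    }
    return NULL;
}

/* The hardened form: a constant format, user data only as a %s argument,
 * so "%x" or "%n" in the input is copied literally, never interpreted. */
int log_untrusted(char *out, size_t n, const char *user_input)
{
    return snprintf(out, n, "%s", user_input);
}

/* Returns 1 if log_untrusted reproduces `s` byte for byte. */
int check_literal_passthrough(const char *s)
{
    char out[128];
    int len = log_untrusted(out, sizeof out, s);
    return len >= 0 && (size_t)len < sizeof out && strcmp(out, s) == 0;
}

int main(void)
{
    /* Constructed sample lines, standing in for a source file under review. */
    const char *lines[] = {
        "    printf(user_input);",
        "    fprintf(STDOUT, user_input);",
        "    fprintf(STDOUT, msg_format, arg1, arg2);",
        "    printf(\"%s\", user_input);",
        "    syslog(LOG_INFO, \"%s\", user_input);",
        "    int printf_calls = 0;",
    };
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        const char *fn = flag_format_call(lines[i]);
        printf("%-48s %s\n", lines[i], fn ? "REVIEW: non-literal format" : "ok");
    }
    return 0;
}
```

The checker is deliberately conservative: a format argument that is a macro or a variable is reported even when it may turn out to be a constant, because the point of the review step is exactly to find out where that string is stored and how well it is protected. Like the lexical scanners, it looks at one line at a time, so a call split across lines or a format string built elsewhere still needs a human reader.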

There are also countering tools that can be built into the compilation process. For example, there's Crispin Cowan's FormatGuard: http://lists.nas.nasa.gov/archives/ext/linux-security-audit/2001/05/msg00030.html



19 Deadly Sins of Software Security. Programming Flaws and How to Fix Them
ISBN: 71626751
Year: 2003
Pages: 239
