Secure coding in C and C++

✍ Scribed by Seacord, Robert C


Publisher: Addison-Wesley Professional
Year: 2005;2008
Tongue: English
Leaves: 369
Series: SEI series in software engineering
Edition: 2nd printing
Category: Library


✦ Synopsis


"The security of information systems has not improved at a rate consistent with the growth and sophistication of the attacks being made against them. To address this problem, we must improve the underlying strategies and techniques used to create our systems. Specifically, we must build security in from the start, rather than append it as an afterthought. That's the point of Secure Coding in C and C++. In careful detail, this book shows software developers how to build high-quality systems that are less vulnerable to costly and even catastrophic attack. It's a book that every developer should read before the start of any serious project."
--Frank Abagnale, author, lecturer, and leading consultant on fraud prevention and secure documents

Learn the Root Causes of Software Vulnerabilities and How to Avoid Them

Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Having analyzed nearly 18,000 vulnerability reports over the past ten years, the CERT/Coordination Center (CERT/CC) has determined that a relatively small number of root causes account for most of them. This book identifies and explains these causes and shows the steps that can be taken to prevent exploitation. Moreover, this book encourages programmers to adopt security best practices and develop a security mindset that can help protect software from tomorrow's attacks, not just today's.

Drawing on the CERT/CC's reports and conclusions, Robert Seacord systematically identifies the program errors most likely to lead to security breaches, shows how they can be exploited, reviews the potential consequences, and presents secure alternatives.

Coverage includes technical detail on how to
- Improve the overall security of any C/C++ application
- Thwart buffer overflows and stack-smashing attacks that exploit insecure string manipulation logic
- Avoid vulnerabilities and security flaws resulting from the incorrect use of dynamic memory management functions
- Eliminate integer-related problems: integer overflows, sign errors, and truncation errors
- Correctly use formatted output functions without introducing format-string vulnerabilities
- Avoid I/O vulnerabilities, including race conditions

Secure Coding in C and C++ presents hundreds of examples of secure code, insecure code, and exploits, implemented for Windows and Linux. If you're responsible for creating secure C or C++ software--or for keeping it safe--no other book offers you this much detailed, expert assistance.

✦ Table of Contents


Cover
Contents
Foreword
Preface
About the Author
Chapter 1 Running with Scissors
1.1 Gauging the Threat
What Is the Cost?
Who Is the Threat?
Software Security
1.2 Security Concepts
Security Flaws
Vulnerabilities
Exploits
Mitigations
A Brief History
What Is the Problem with C?
Legacy Code
1.4 Development Platforms
Operating Systems
Compilers
1.5 Summary
1.6 Further Reading
2.1 String Characteristics
Strings in C++
Unbounded String Copies
Off-by-One Errors
Null-Termination Errors
String Errors without Functions
2.3 String Vulnerabilities
Security Flaw
Buffer Overflows
2.4 Process Memory Organization
Stack Management
2.5 Stack Smashing
2.6 Code Injection
2.7 Arc Injection
Prevention
String Streams
Detection and Recovery
Kerberos
Metamail
2.10 Summary
2.11 Further Reading
Chapter 3 Pointer Subterfuge
3.2 Function Pointers
3.3 Data Pointers
3.4 Modifying the Instruction Pointer
3.5 Global Offset Table
3.6 The .dtors Section
3.7 Virtual Pointers
3.8 The atexit() and on_exit() Functions
3.9 The longjmp() Function
Structured Exception Handling
System Default Exception Handling
Canaries
3.13 Further Reading
Chapter 4 Dynamic Memory Management
4.1 Dynamic Memory Management
Initialization
Failing to Check Return Values
Freeing Memory Multiple Times
Failure to Distinguish Scalars and Arrays
4.3 Doug Lea's Memory Allocator
Memory Management
Buffer Overflows
Double-Free Vulnerabilities
Memory Management in Win32
RtlHeap Data Structures
Buffer Overflows
Buffer Overflows (Redux)
Writing to Freed Memory
Double-Free
Look-Aside Table
Consistent Memory Management Conventions
Heap Integrity Detection
phkmalloc
Randomization
OpenBSD
Runtime Analysis Tools
Windows XP SP2
4.6 Notable Vulnerabilities
Microsoft Data Access Components (MDAC)
CVS Server Double-Free
4.8 Further Reading
Chapter 5 Integer Security
Integer Representation
Integer Types
Integer Ranges
Integer Promotions
Integer Conversion Rank
Conversions From Signed Integer Types
Signed or Unsigned Characters
Integer Overflow
Sign Errors
5.4 Integer Operations
Addition
Subtraction
Multiplication
Division
Integer Overflow
Sign Errors
Truncation Errors
5.6 Nonexceptional Integer Logic Errors
5.7 Mitigation Strategies
Range Checking
Strong Typing
Compiler Checks
Safe Integer Operations
Testing
XDR Library
Windows DirectX MIDI Library
Bash
5.9 Summary
5.10 Further Reading
Chapter 6 Formatted Output
6.1 Variadic Functions
ANSI C Standard Arguments
6.2 Formatted Output Functions
Format Strings
GCC
Visual C++ .NET
6.3 Exploiting Formatted Output Functions
Buffer Overflow
Output Streams
Viewing Stack Content
Viewing Memory Content
Overwriting Memory
Internationalization
6.4 Stack Randomization
Thwarting Stack Randomization
Direct Argument Access
Dynamic Use of Static Content
Restricting Bytes Written
ISO/IEC TR 24731
Testing
Lexical Analysis
Modifying the Variadic Function Implementation
Exec Shield
Libsafe
Static Binary Analysis
Washington University FTP Daemon
6.7 Summary
6.8 Further Reading
7.1 Concurrency
Mutual Exclusion and Deadlock
7.2 Time of Check, Time of Use
7.3 Files as Locks and File Locking
7.4 File System Exploits
Symbolic Linking Exploits
Temporary File Open Exploits
unlink() Race Exploit
Nonunique Temp File Names
Closing the Race Window
Eliminating the Race Object
Controlling Access to the Race Object
Race Detection Tools
7.7 Further Reading
Chapter 8 Recommended Practices
8.1 Secure Software Development Principles
Complete Mediation
Least Privilege
Psychological Acceptability
8.2 Systems Quality Requirements Engineering
8.3 Threat Modeling
8.4 Use/Misuse Cases
8.5 Architecture and Design
Vulnerabilities in Existing Code
Secure Wrappers
8.7 Compiler Checks
8.8 Input Validation
8.9 Data Sanitization
Black Listing
Testing
8.10 Static Analysis
Fortify
Prevent
8.11 Quality Assurance
Fuzz Testing
Developer Guidelines and Checklists
Independent Security Review
W^X
Data Execution Prevention
8.14 TSP-Secure
Planning and Tracking
Quality Management
8.15 Summary
8.16 Further Reading
References
Acronyms

✦ Subjects


Computer Science;Programming;Science;Computers;Programming Languages;Software;Technology


📜 SIMILAR VOLUMES


Secure Coding in C and C++
✍ Robert C. Seacord 📂 Library 📅 2013 🏛 Addison-Wesley Professional 🌐 English

Learn the Root Causes of Software Vulnerabilities and How to Avoid Them Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Having analyzed tens of thousands of vulnerability reports since 1988, CERT has determined that a relatively small number of root caus

Secure coding in C and C++
✍ Seacord, Robert C 📂 Library 📅 2013 🏛 Addison-Wesley Professional 🌐 English

Learn the Root Causes of Software Vulnerabilities and How to Avoid Them Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Having analyzed tens of thousands of vulnerability reports since 1988, CERT has determined that a relatively small number of root caus

Secure coding in C and C++
✍ Seacord, Robert C. 📂 Library 📅 2013 🏛 Addison-Wesley 🌐 English

Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Having analyzed tens of thousands of vulnerability reports since 1988, CERT has determined that a relatively small number of root causes account for most of the vulnerabilities. Secure Coding in C and C++,

Secure Coding in C and C++
✍ Robert C. Seacord 📂 Library 📅 2013 🏛 Addison-Wesley Professional 🌐 English

Learn the Root Causes of Software Vulnerabilities and How to Avoid Them Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Having analyzed tens of thousands of vulnerability reports since 1988, CERT has determined that a relatively small number of root c

Secure Coding in C and C++
✍ Robert Seacord 📂 Library 📅 2013 🏛 Addison-Wesley Professional 🌐 English

Learn the root causes of software vulnerabilities and how to avoid them. Commonly exploited software vulnerabilities are caused by preventable software defects. Having analyzed tens of thousands of vulnerability reports since 1988, CERT has determined that a relatively small number