Re: Stack growth direction to thwart buffer overflow attacks

From: Nick Maclaren (nmm1_at_cus.cam.ac.uk)
Date: 08/15/03


Date: 15 Aug 2003 17:47:48 GMT

In article <Sx7%a.124$mD.56@news.level3.com>,
Barry Margolin <barry.margolin@level3.com> wrote:
>In article <bhi3mc$rgd$1@pegasus.csx.cam.ac.uk>,
>Nick Maclaren <nmm1@cus.cam.ac.uk> wrote:
>>Firstly, in the case of functions like strcpy, it is NOT much easier
>>to provide the correct length than to do your own checking.
>
>Could you explain this? How could writing your own checking code be easier
>than just adding one parameter to a function call?

Eh? Inserting one line that needs no further information than the
strncpy call you are proposing is a trivial task, even for a third
class BASIC-only programmer. Even if you are writing such shoddy
code that you don't check that you are leaving an unterminated
string to cause problems later, you are only replacing:

    if (strlen(source) < target_length) strcpy(target,source);

by:

    strncpy(target,source,target_length);

If you are writing decent code, you are replacing:

    if (strlen(source) > target_length-1) fail("overflow");
    strcpy(target,source);

by:

    target[target_length-1] = '\0';
    strncpy(target,source,target_length);
    if (target[target_length-1] != '\0') fail("overflow");

NOT a big improvement!

>>One of the common causes of problems is that a 'solution' eliminates
>>enough of the easy cases so that lazy programmers stop even trying
>>to do tackle the problem themselves. In turn, this means that the
>>number of nasty cases increases. As it is common for 90% of the
>>bugs to be easy, but 90% of the problems to be caused by hard bugs,
>>this often REDUCES the overall reliability.
>
>We're talking about programmers who aren't even getting the easy cases
>right. If the cost of preventing 100 easy cases is 10 more nasty cases,
>that seems like a net win.

Think about it. If the cost of a hard case getting past initial coding
is 100 times that of an easy case doing so (which is not unusual), it
is a pretty catastrophic loss.

Regards,
Nick Maclaren.



Relevant Pages

  • Re: Stack growth direction to thwart buffer overflow attacks
    ... How could writing your own checking code be easier ... If you are writing decent code, you are replacing: ... >>bugs to be easy, but 90% of the problems to be caused by hard bugs, ... >We're talking about programmers who aren't even getting the easy cases ...
    (comp.security.unix)
  • Library Design, the script kiddies nightmare.
    ... good across the board of assembler programming. ... With languages that have the capacity, libraries of reusable code make ... comes at a cost that some of the older assembler programmers will not ... The virtue of writing code in this modular format is that you can use ...
    (alt.lang.asm)
  • Re: I was concerned about google writing an OS - Now I see the funny ??side
    ... Programmers get paid to ... I don't think KILE ... money to justify the effort that went into writing KILE. ... Programmers mostly get paid for writing vertical-market software. ...
    (comp.lang.forth)
  • Re: My rant about the "throw out delphi and re-write it in C#" crowd.
    ... to be as good as what it is replacing, no matter how good the programmers are, ... I've been on several projects that looked from the software developers' side to ... They contract the ...
    (borland.public.delphi.non-technical)
  • Re: build faster
    ... Which is faster right now, locating testing and learning the library, writing your own, or just coding from scratch. ... In addition to writing reuseable code you should be writing expandable code that is backward compatible. ... Now I see a lot of work other programmers have done where there is no OO, there often are no functions, this is all embedded calls and includes in html. ... A competent programmer seldom starts from scratch and has libraries of code which can be used on almost any project ...
    (comp.lang.php)