Bugtraq mailing list archives
Re: Smashing the Stack: prevention?
From: deraadt () CVS OPENBSD ORG (Theo de Raadt)
Date: Mon, 28 Apr 1997 18:32:50 -0600
1. 'you gotta change the code' This one is obvious; people must change their SUID programs' source code to avoid nasty things like gets() sprintf() strcat() and strcpy() using things like fgets() strncat() strncpy() as substitutes. (there are many more 'problem' functions, i'm only listing a few here). Any unbounded byte copying is suspect to buffer overruns, and needs to be examined and changed. The drawbacks are obvious, thousands of lines of source need to be changed/examined, re-written.
However, it's important to remember that such auditing buys you not just a secure program but a robust program as well. So it is something you would want to do anyway, even if the programs were not suid. The security issue just gives it urgency. Security and robustness really go hand in hand -- they both involve thinking about the ranges of allowable inputs and responses, and limiting them so undesirable responses are not produced.
I am very happy to see someone else point this out! I was holding back on mentioning this. During the OpenBSD security code review that we've been doing for almost a year now, we have fixed numerous other robustness problems. Just as a small example, more than 10 ways to make ftpd dump core have been resolved. Thousands of non-security bugs got fixed at the same time. When you are looking at each source file one by one, it is an ideal time to evaluate what problems and solutions other OS groups have done.
Michael -- thanks a lot.
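Added example, not part of the original message or of any OpenBSD code: the substitutions named in the quoted text (fgets(), strncat(), strncpy()) each have a behaviour an audit has to account for, namely missing termination, the meaning of the count argument, and leftover input. The helper names `copy_bounded`, `append_bounded` and `read_line_bounded` are hypothetical, and the sample buffer is constructed.

```c
#include <stdio.h>
#include <string.h>

/* strcpy() substitute. strncpy() leaves dst unterminated when src fills
 * it, so terminate by hand. Returns 0 if src fit, -1 if truncated. */
int copy_bounded(char *dst, size_t dstsize, const char *src)
{
    if (dstsize == 0)
        return -1;
    strncpy(dst, src, dstsize - 1);
    dst[dstsize - 1] = '\0';
    return strlen(src) < dstsize ? 0 : -1;
}

/* strcat() substitute. strncat()'s count is the room left in dst minus
 * the terminator, not the buffer size. dst must already be terminated. */
int append_bounded(char *dst, size_t dstsize, const char *src)
{
    size_t used = strlen(dst);
    if (used >= dstsize)
        return -1;
    strncat(dst, src, dstsize - used - 1);
    return strlen(src) <= dstsize - used - 1 ? 0 : -1;
}

/* gets() substitute. fgets() keeps the newline; if it is missing, drain
 * the rest of the line. Returns 0 whole line, 1 truncated, -1 EOF/error. */
int read_line_bounded(char *buf, size_t bufsize, FILE *in)
{
    size_t len; int c, truncated = 0;
    if (bufsize == 0 || fgets(buf, (int)bufsize, in) == NULL)
        return -1;
    len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return 0;
    }
    while ((c = getc(in)) != EOF && c != '\n')
        truncated = 1;
    return truncated;
}

int main(void)
{
    char name[8];                        /* constructed sample buffer */
    int cut = copy_bounded(name, sizeof name, "AAAAAAAAAAAAAAAA");
    printf("kept \"%s\", truncated=%d\n", name, cut != 0);
}
```

Each helper reports truncation to the caller, because silently shortened input (a path, a username) can itself change what the program does.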