Secure Coding mailing list archives
Re: New Microsoft Security Tool for developers
From: "Dana Epp" <dana () vulscan com>
Date: Mon, 15 Dec 2003 11:15:27 +0000
Hey Jannie,

strncpy doesn't quite work like that. Its prototype is typically something like:

    char *strncpy( char *dest, const char *src, size_t len );

It will copy UP TO len bytes from src to the dest. If the length of src is only 4 bytes, it will only copy 4 bytes to dest, and nullify the rest of the buffer of dest. As such, there are no information disclosure issues with this call as you describe the threat.

---
Regards,
Dana M. Epp
[Blog: http://silverstr.ufies.org/blog/]

----- Original Message -----
From: "Jannie Hanekom" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, December 14, 2003 4:28 AM
Subject: RE: [SC-L] New Microsoft Security Tool for developers

I've been following this more as an enthusiast than a professional developer, but isn't there potential for information leakage with that code? It always copies 9 bytes of data, regardless of the length of str, meaning it can potentially place information in buffer that wasn't in str in the first place.

Jannie

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Avner Peled
Sent: Friday, December 12, 2003 10:53 AM
To: [EMAIL PROTECTED]
Subject: Re: [SC-L] New Microsoft Security Tool for developers

I think he meant that strncpy is not the right function to use when dealing with raw buffers and it's better to use memcpy or the function mentioned in this paper:
http://www.courtesan.com/todd/papers/strlcpy.html

On Fri, 2003-12-12 at 17:10, Liudvikas Bukys wrote:

The Michael Howard MSDN article on the Windows Application Verifier closes with the following "little gem". I'm afraid that the answer does not leap out at me. Does anyone see through it?

http://msdn.microsoft.com/library/en-us/dncode/html/secure12112003.asp

-----
Okay, now to this little gem. What's wrong with this code? It's a code sample I saw recently on outlining a safe way to write buffer overrun-free code.

    void noOverflow(char *str)
    {
        char buffer[10];
        strncpy(buffer,str,(sizeof(buffer)-1));
        buffer[(sizeof(buffer)-1)]=0;
        /* Avoiding buffer flow with the above two lines */
    }
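The strncpy behaviour discussed in this message can be checked directly. The following is an added example, not code from the thread or from the MSDN article: it runs the quoted copy sequence over a buffer pre-filled with a sentinel and counts what is left. The function names, the 0xAA sentinel and the input strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 10    /* same size as buffer[] in the quoted noOverflow() */
#define FILL    0xAA  /* constructed sentinel standing in for stale stack contents */

/* Run the quoted copy sequence over a sentinel-filled buffer and count the
 * sentinel bytes that survive; nonzero would mean stale data is left behind. */
int stale_bytes_after_copy(const char *src)
{
    unsigned char buf[BUF_LEN];
    int i, stale = 0;

    memset(buf, FILL, sizeof(buf));
    strncpy((char *)buf, src, sizeof(buf) - 1);
    buf[sizeof(buf) - 1] = 0;
    for (i = 0; i < BUF_LEN; i++)
        if (buf[i] == FILL)
            stale++;
    return stale;
}

/* Count the NUL bytes strncpy itself writes into the first BUF_LEN-1 bytes. */
int nul_bytes_written(const char *src)
{
    unsigned char buf[BUF_LEN];
    int i, nuls = 0;

    memset(buf, FILL, sizeof(buf));
    strncpy((char *)buf, src, sizeof(buf) - 1);   /* no manual terminator */
    for (i = 0; i < BUF_LEN - 1; i++)
        if (buf[i] == 0)
            nuls++;
    return nuls;
}

int main(void)
{
    /* Constructed inputs: one shorter than the buffer, one longer. */
    const char *short_src = "abcd";
    const char *long_src  = "abcdefghijklmnop";

    printf("short: stale=%d nuls=%d\n",
           stale_bytes_after_copy(short_src), nul_bytes_written(short_src));
    printf("long:  stale=%d nuls=%d\n",
           stale_bytes_after_copy(long_src), nul_bytes_written(long_src));
    return 0;
}
```

For the short input strncpy fills the remaining five bytes with NULs; for the long input it writes no NUL at all, so termination depends entirely on the explicit assignment to the last byte.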