Secure Coding mailing list archives
Re: New Microsoft Security Tool for developers
From: Gene Spafford <spaf () cerias purdue edu>
Date: Thu, 18 Dec 2003 02:27:12 +0000
At 11:02 AM -0500 12/15/03, Dave Aronson wrote:

> Gene Spafford pointed out that noOverflow could be passed a pointer to a string that was *shorter* than the internal buffer. He did not state specifically what was so bad about this, but I presumed that his point was the one later raised by Jannie Hanekom: that there could be information leakage from just past str, into buffer. (Also possibly that that chunk of memory might be protected, in various ways that would crash the program.) Spaf, is this indeed what you meant?

Yes. As a more general case, if the buffer in the subroutine was declared to be 1000 characters long, you could pick up all sorts of things, including (perhaps) stack pointers, other variables, and so on. Typing shouldn't be hidden by the calling interface without very good reasons.

> Spaf also suggested rewriting noOverflow to include a parameter for the buffer size. That would help prevent accidental misuse -- but malicious abusers could still pass in a bad buffer size.

Yes, but presumably that would be checked in the calling code to ensure that bad values weren't put into it. Otherwise, we could also argue that they could pass in a faulty buffer pointer.

> (BTW, I'm feeling caught in a bit of a timewarp. Last time I followed up to something spaf posted was about 20 years ago....)

I'll keep my eyes peeled in 2023 for our next volley. :-)

--spaf
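An added illustration of the over-read discussed in this message (not code from the thread; the page does not show the body of noOverflow). It assumes a routine that copies as many bytes as its internal buffer holds, and contrasts it with a variant that takes the source size as a parameter; `copy_fixed`, `copy_sized`, `contains` and the sample memory are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

#define INTERNAL_SIZE 16  /* assumed size of the routine's internal buffer */
#define FIELD_SIZE 4      /* what the caller really owns: "abc" plus NUL */

/* Constructed caller memory: the 4-byte field, then unrelated data. One array,
   so the long read below stays inside a single object (no undefined behaviour). */
static const char caller_mem[32] = "abc\0SECRET-TOKEN";

/* Pointer-only interface: the size of the caller's object is hidden, so the
   routine copies as much as its own buffer holds. */
void copy_fixed(const char *src, char out[INTERNAL_SIZE]) {
    memcpy(out, src, INTERNAL_SIZE);
}

/* Size-carrying interface: never reads more than src_size bytes, always
   NUL-terminates, zero-fills the rest. Returns bytes copied, -1 on bad args. */
int copy_sized(const char *src, size_t src_size, char *out, size_t out_size) {
    if (src == NULL || out == NULL || out_size == 0) return -1;
    size_t n = src_size < out_size - 1 ? src_size : out_size - 1;
    memcpy(out, src, n);
    memset(out + n, 0, out_size - n);
    return (int)n;
}

/* 1 if needle occurs anywhere in the n bytes at buf (embedded NULs allowed). */
int contains(const char *buf, size_t n, const char *needle) {
    size_t m = strlen(needle);
    for (size_t i = 0; i + m <= n; i++)
        if (memcmp(buf + i, needle, m) == 0) return 1;
    return 0;
}

int main(void) {
    char a[INTERNAL_SIZE], b[INTERNAL_SIZE];
    copy_fixed(caller_mem, a);
    int n = copy_sized(caller_mem, FIELD_SIZE, b, sizeof b);
    printf("fixed-length copy leaked neighbour data: %d\n", contains(a, sizeof a, "SECRET"));
    printf("sized copy: %d bytes, leaked: %d\n", n, contains(b, sizeof b, "SECRET"));
    return 0;
}
```

The size argument only helps if the caller derives it from the object it actually owns (here `FIELD_SIZE`), which is the check in the calling code that the reply refers to.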