Software Security, Compiler - Lecture Slides | CMSC 433, Study notes of Programming Languages

Material Type: Notes; Professor: Pugh; Class: PROG LANG TECH & PDGMS; Subject: Computer Science; University: University of Maryland; Term: Spring 2006;

Typology: Study notes

Pre 2010

Uploaded on 07/30/2009

koofers-user-omz
Software Security
CMSC 433
Bill Pugh

Software Security
• Making sure that if your software is misused, it doesn't do any of the vast number of things you didn't intend for the software to do

On trusting trust
• You can hide a trojan horse in a compiler
  – or in the operating system

Compiler
(slide pseudocode for a code generator that emits a trap door for one method; the elisions are the slide's own)

```java
Code generateCode(AST method) {
    if (method.getName().equals("authenticateLogin")) {
        return ... code with trap door ...;
    }
    ... generate code normally ...
}
```

#1 source of security defects
• Untrusted, unverified and unexpected input leading to a program doing something completely unexpected
  – unexpected by developer
  – intended by attacker
• Of all the untrusted input problems, #1 is buffer overruns in C/C++.

Buffer overflows
• In C, arrays are just locations in memory
• If you write past the allocated end of the array, you write into something else
  • possibly other variables, return address
  • can both rewrite return address and deliver payload

gets() is evil
• Impossible to use gets() correctly

```c
char buf[20];
gets(buf);   /* reads up to the newline with no length bound: any line longer than 19 bytes overflows buf */
```

C String functions

```c
char buf[20];
char *prefix = "http://";
strcpy(buf, prefix);
strncat(buf, path, sizeof(buf));   /* the bound is sizeof(buf), not the space left after the prefix, so a long path still overflows */
```

sprintf

```c
char buf[80];
sprintf(buf, "%s - %d\n", path, errno);   /* no bound on the formatted length: a long path overflows buf */
```

safe copy

```c
#define MAX_BUF 256

void doStuff(char *in) {
    short len;
    char buf[MAX_BUF];
    len = strlen(in);          /* size_t result truncated into a short */
    if (len > MAX_BUF)         /* len == MAX_BUF passes, so the terminating NUL lands one past the end of buf */
        return;
    strcpy(buf, in);
    ... do stuff with buf ...
}
```
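The gets(), C string functions, sprintf and "safe copy" slides each show a bounded-buffer operation whose bound is missing or wrong. The block below is an added example, not code from the slides or from the course: it models the "safe copy" slide's short-typed check to show which input lengths it lets through, and puts a corrected bound beside each of the three patterns (copy, strncat, sprintf). MAX_BUF and the buffer sizes are the slides'; the function names and the constructed inputs are assumptions of this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_BUF 256

/* Models the check on the "safe copy" slide: the length is stored in a short
 * and the test is len > MAX_BUF. Returns 1 if an input of n bytes would pass
 * the check and be strcpy'd into a MAX_BUF-byte buffer. Assumes a 16-bit
 * short with wraparound on conversion, which is what gcc and clang do. */
int slide_check_accepts(size_t n) {
    short len = (short)n;            /* strlen() result truncated, as on the slide */
    return !(len > MAX_BUF);
}

/* Hardened copy: size_t length, and the terminating NUL must fit too.
 * Returns 1 on success, 0 if the input was rejected (buf left unchanged). */
int safe_copy(char *buf, size_t bufsize, const char *in) {
    size_t len = strlen(in);
    if (len >= bufsize)              /* len == bufsize - 1 is the longest that fits */
        return 0;
    memcpy(buf, in, len + 1);        /* copies the NUL as well */
    return 1;
}

/* Hardened prefix + path concatenation. strncat's bound is the space left
 * after what is already in buf, minus one for the NUL, never sizeof(buf).
 * Returns 1 if path fit entirely, 0 if it was refused (buf keeps the prefix). */
int build_url(char *buf, size_t bufsize, const char *prefix, const char *path) {
    if (!safe_copy(buf, bufsize, prefix))
        return 0;
    size_t used = strlen(buf);
    size_t room = bufsize - used - 1;
    if (strlen(path) > room)
        return 0;
    strncat(buf, path, room);
    return 1;
}

/* Hardened form of the sprintf line: snprintf always NUL-terminates within
 * bufsize and returns the length it wanted, so truncation is detectable.
 * Returns 1 if the whole message fit, 0 if it was truncated. */
int format_error(char *buf, size_t bufsize, const char *path, int err) {
    int needed = snprintf(buf, bufsize, "%s - %d\n", path, err);
    return needed >= 0 && (size_t)needed < bufsize;
}

/* Constructed input: n bytes of 'a', NUL-terminated, for exact-length tests. */
static char *make_run(size_t n) {
    char *s = malloc(n + 1);
    if (s == NULL) return NULL;
    memset(s, 'a', n);
    s[n] = '\0';
    return s;
}

int copy_of_length(size_t n) {           /* n-byte input into the slide's MAX_BUF buffer */
    char buf[MAX_BUF];
    char *in = make_run(n);
    if (in == NULL) return -1;
    int ok = safe_copy(buf, sizeof buf, in);
    free(in);
    return ok;
}

int url_fits_in_20(const char *path) {    /* the slide's char buf[20] */
    char buf[20];
    return build_url(buf, sizeof buf, "http://", path);
}

int error_fits_in_80_len(size_t n) {      /* the slide's char buf[80], n-byte path, errno 13 */
    char buf[80];
    char *path = make_run(n);
    if (path == NULL) return -1;
    int ok = format_error(buf, sizeof buf, path, 13);
    free(path);
    return ok;
}

int main(void) {
    printf("slide check accepts 256 bytes: %d (one byte too many)\n", slide_check_accepts(256));
    printf("slide check accepts 65536 bytes: %d (short wrapped to 0)\n", slide_check_accepts(65536));
    printf("safe_copy 255 bytes: %d, 256 bytes: %d\n", copy_of_length(255), copy_of_length(256));
    printf("url, 12-char path: %d, 13-char path: %d\n",
           url_fits_in_20("abcdefghijkl"), url_fits_in_20("abcdefghijklm"));
    printf("error message, 73-char path: %d, 74-char path: %d\n",
           error_fits_in_80_len(73), error_fits_in_80_len(74));
    return 0;
}
```

The slide's check accepts exactly 256 bytes (off by one once the NUL is counted) and, because strlen() is stored in a short, also accepts inputs of 65536 bytes or of any length that wraps negative; the hardened functions reject at the boundary and report truncation instead of silently writing past the buffer.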