RE: Writing Secure code [update]
>> (Say this could start from as simple a thing like ONLY using checked
>> functions like strncpy() instead of strcpy.)
This is utterly incorrect: swapping out strcpy for strncpy won't help.
You can write perfectly secure code using strcpy if you trust the input,
and you can write perfectly insecure code with strncpy if you get the buffer
size calc wrong...
Take a look at this code, it's perfectly secure, right, because it's
using the 'n' versions... Right?
#include <string.h>

#define SIZE(b) (sizeof(b))
char buff[128];
/* the third argument is the buffer size in all three calls, but strncat()
 * takes the number of characters to APPEND, not the size of the buffer,
 * and strncpy() leaves no terminator if szSomeData fills all 128 bytes */
strncpy(buff,szSomeData,SIZE(buff));
strncat(buff,szMoreData,SIZE(buff));
strncat(buff,szEvenMoreData,SIZE(buff));
WRONG!!
Cheers, Michael
Secure Windows Initiative
Writing Secure Code 2nd Edition
http://www.microsoft.com/mspress/books/5957.asp
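The arithmetic behind the reply above, as an added example that is not part of either post: naive_bytes_written() computes how many bytes the strncpy/strncat pattern writes for given input lengths (no undefined behaviour is executed), and join3_bounded() is a hypothetical helper showing the bound that should have been used, the remaining room in the buffer rather than sizeof(buff).

```c
#include <string.h>

/* Worst-case bytes the post's pattern writes into a buffer of size n for
 * inputs of lengths l1, l2, l3.  Pure arithmetic, nothing is executed:
 *   strncpy(buff, s1, n) writes exactly n bytes and, when l1 >= n, leaves
 *   no terminator at all (so the strlen() inside strncat is undefined);
 *   strncat(buff, s, n) appends min(strlen(s), n) bytes plus a NUL starting
 *   at strlen(buff), so n must be the remaining room, not sizeof(buff).
 * Caller keeps l1 < n so the arithmetic stays well defined. */
size_t naive_bytes_written(size_t n, size_t l1, size_t l2, size_t l3)
{
    size_t end = l1;                   /* strlen(buff) after strncpy */
    end += (l2 < n) ? l2 : n;          /* strncat #1 */
    end += (l3 < n) ? l3 : n;          /* strncat #2 */
    return end + 1;                    /* plus the final NUL */
}

/* Hypothetical helper (not from the post): append src to a NUL-terminated
 * buf of capacity cap, tracking the remaining room explicitly.  Returns 0
 * on success, -1 (buf untouched) if src would not fit. */
static int append_bounded(char *buf, size_t cap, const char *src)
{
    const char *nul = memchr(buf, '\0', cap);
    if (nul == NULL)                   /* not terminated: never trust it */
        return -1;
    size_t used = (size_t)(nul - buf);
    size_t room = cap - used - 1;      /* excludes the terminator */
    size_t need = strlen(src);
    if (need > room)
        return -1;
    memcpy(buf + used, src, need + 1); /* copies the NUL too */
    return 0;
}

/* Builds a + b + c into out[cap].  Returns the result length, or -1 when
 * the parts do not fit, so the caller fails closed instead of writing past
 * the end of the buffer. */
int join3_bounded(char *out, size_t cap, const char *a, const char *b,
                  const char *c)
{
    if (cap == 0)
        return -1;
    out[0] = '\0';
    if (append_bounded(out, cap, a) || append_bounded(out, cap, b) ||
        append_bounded(out, cap, c))
        return -1;
    return (int)strlen(out);
}
```

With three 100-byte inputs the original pattern writes 301 bytes into a 128-byte buffer; join3_bounded() refuses the same inputs and returns -1.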
-----Original Message-----
From: Rahul Chander Kashyap [mailto:rahul@nsecure.net]
Sent: Tuesday, December 31, 2002 2:20 AM
To: Matt McClellan; viega@list.org
Cc: secprog@securityfocus.com
Hi people,
First of all, I'm thankful to all for responding to my query. Well, this
shows one thing for sure: we share similar concerns :-) Actually, I'm
quite surprised that no one as yet has said "yes! we follow some
standards to <or rather attempt to> make our coding more secure."
So, how about directing our focus with an aim at reaching a
methodology/conclusion as to what can be done (by us + others) to, say,
bring up some ideas of some kind of a standard/practice which aims at
following certain guidelines to be taken at the design stage of any
software development process that could help us prevent the code getting
exploited. (If something like this already exists, please do let me
know; this shall save a lot of time!)
Yes, there are books, I agree, but then if we follow something as a
standard I'm sure that it shall be more universally accepted and we also
could improve on those!
These practices could also be platform dependent.
I would like to add here that yes! I agree with all those who say, what
if the OS itself is to blame, the libraries are buggy, etc. etc. But
from our/the developer point of view, shouldn't we have a practice that
should be adhered to??
(Say this could start from as simple a thing like ONLY using checked
functions like strncpy() instead of strcpy.)
And yes, let us not focus on the *buggy* aspect of the code, because out
here we're trying to make sure that what we've written is not
exploitable due to *holes* left by the coder. Someone put it very well:
- Reliable: something that does everything it is specified to do.
- Secure: something that does everything it is specified to do... and
nothing else.
I agree that there is a very thin line between the two ;-) Please do let
me know what you people feel of this proposal. I'm open to forming a group
(if required) and doing some kind of research on this aspect.
I too believe that *absolute security is a myth*, but I do believe in
taking some steps so as to reach as close as possible to, say, *high grade
security!*
:o) Any takers on this???
Have a fabulous new year!
Regards,
Rahul C. Kashyap
Software Developer
www.nsecure.net
Layered Defence
Received on Tue Dec 31 20:47:33 2002
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:44 EDT