
RE: safe strcpy()?

From: Michael Howard <mikehow(at)microsoft.com>
Date: Wed Jan 29 2003 - 16:06:41 EST


The point I'm making is people seem to think they can write crap code, then blindly replace the calls to strcpy with strncpy and all of a sudden their code is safe. It's not! You MUST validate the untrusted data. Oh, and while you're at it - use 'safer' functions and compile with a stack-smashing detection capability such as VC++'s -GS or Crispin's StackGuard.

Then run tools over the code that model data flow through the app - just in case you missed something...

And finally, have someone that understands this stuff review your code - just in case you missed something...

Just a small data item: whenever I ask a bunch of developers whether you should accommodate for the trailing '\0' when determining the buffer size in a call to strncpy or strncat, 50% say YES, and 50% say NO... That means 50% are WRONG!! That's how buffer overruns occur...

A stupid developer using 'safe' functions will produce stupid code!! There's no replacement for education, discipline and skill I'm afraid.

Cheers, Michael
Secure Windows Initiative
Writing Secure Code 2nd Edition
http://www.microsoft.com/mspress/books/5957.asp
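An added example, not code from this thread, that makes the trailing '\0' question concrete on constructed 8-byte buffers: a validate-then-copy helper that rejects oversize input instead of truncating it, the matching rule for strncat, and what the "NO, don't reserve a byte" strncpy answer actually leaves in the buffer (the helper names are mine).

```c
#include <stdbool.h>
#include <string.h>

/* Length of s scanning at most max bytes (portable stand-in for strnlen). */
static size_t bounded_len(const char *s, size_t max)
{
    size_t n = 0;
    while (n < max && s[n] != '\0')
        n++;
    return n;
}

/* Validate, then copy: src must fit in dst together with its '\0';
   otherwise the input is rejected instead of silently truncated. */
bool safe_copy(char *dst, size_t dstsz, const char *src)
{
    if (dst == NULL || src == NULL || dstsz == 0)
        return false;
    size_t n = bounded_len(src, dstsz);
    if (n >= dstsz)              /* no byte left for the terminator */
        return false;
    memcpy(dst, src, n + 1);     /* n chars plus '\0' */
    return true;
}
/* Same rule for appending: strncat always writes a '\0', so its limit is
   dstsz - strlen(dst) - 1, and a longer src is rejected, not truncated. */
bool safe_cat(char *dst, size_t dstsz, const char *src)
{
    size_t used = (dst && src) ? bounded_len(dst, dstsz) : dstsz;
    if (used >= dstsz)           /* bad args, or dst is not terminated */
        return false;
    size_t room = dstsz - used - 1;
    if (bounded_len(src, room + 1) > room)
        return false;
    strncat(dst, src, room);
    return true;
}
/* The "NO, don't reserve a byte" answer: strncpy(dst, src, sizeof dst).
   If src has dstsz or more chars strncpy writes no '\0' at all and dst is
   no longer a C string. Returns whether dst ended up terminated. */
bool naive_strncpy_terminated(char *dst, size_t dstsz, const char *src)
{
    strncpy(dst, src, dstsz);
    return memchr(dst, '\0', dstsz) != NULL;
}
/* Drivers over a constructed 8-byte buffer so the outcomes can be checked. */
bool demo_fits(void)    { char b[8]; return safe_copy(b, 8, "1234567") && strcmp(b, "1234567") == 0; }
bool demo_rejects(void) { char b[8]; return !safe_copy(b, 8, "12345678"); }
bool demo_cat(void)     { char b[8] = "abc"; return safe_cat(b, 8, "defg") && strcmp(b, "abcdefg") == 0 && !safe_cat(b, 8, "h"); }
bool demo_naive(void)   { char b[8]; return !naive_strncpy_terminated(b, 8, "12345678"); }
```

The naive driver shows the failure mode behind the 50/50 answer: eight source characters into an eight-byte buffer leave no terminator, so the next strlen or printf on that buffer reads past its end.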

-----Original Message-----
From: Hall, Philip [mailto:phall@spss.com]
Sent: Tuesday, January 28, 2003 8:01 PM
To: secprog@securityfocus.com

> Of course, the real way to build secure software is not to use "safe"
> functions, but to check data validity :-)


Hang on, that sounds akin to not having locks (safe functions) on your front door, but posting a guard (data validation) at the end of your drive way...hmmmmm I think I'll stick to my eXtreme Defensive Programming (XDP) and be paranoid about everything...unless you meant that by *adding* the data validity to the 'safe' functions to beef them up...?

--phil

Received on Wed Jan 29 16:27:49 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:46 EDT

