
Testing & Security Dr. X.


1 Testing & Security Dr. X

2 Integer Error
Integer Overflow/Underflow: Mathematical operations can increase integer values above the maximum or decrease them below the minimum allowed values. For instance, if i = Integer.MAX_VALUE, the increment operator i++ will cause an overflow and the resulting value will be the smallest possible integer value, Integer.MIN_VALUE. Addition, subtraction, multiplication, and even division can cause overflow/underflow problems.
Truncation: If an integer is converted from a larger type to a smaller type (say, from a long to a short), the value will be truncated if it is outside the range of the smaller type; data that can't fit will simply be thrown out. For example, if you have a long variable whose value is greater than the largest value that can be stored in a short (long l = 32800), assigning the long to a short (short s = (short)l;) will cause a truncation error (s = -32736).

3 Avoiding Integer Error
Know your bounds Validate your inputs!
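Added example (not from the slides): the slide's overflow and truncation cases written in C with explicit bound checks, so the caller is told about the problem instead of silently receiving a wrapped or truncated value. INT_MAX/SHRT_MAX stand in for the slide's Java Integer.MAX_VALUE; a 16-bit short (SHRT_MAX = 32767) is assumed.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Increment with the bound known in advance: signed overflow is undefined
 * behaviour in C, so the check must happen before the arithmetic. */
bool checked_increment(int value, int *out)
{
    if (value == INT_MAX)
        return false;               /* would wrap to INT_MIN: refuse */
    *out = value + 1;
    return true;
}

/* Addition guarded the same way, covering both positive and negative b. */
bool checked_add(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *out = a + b;
    return true;
}

/* Narrowing conversion: assign to the short only when the long value fits
 * in [SHRT_MIN, SHRT_MAX]; otherwise report truncation instead of doing it. */
bool checked_narrow(long value, short *out)
{
    if (value < SHRT_MIN || value > SHRT_MAX)
        return false;
    *out = (short)value;
    return true;
}

int main(void)
{
    int r;
    short s;
    printf("INT_MAX + 1: %s\n", checked_increment(INT_MAX, &r) ? "ok" : "overflow");
    printf("2000000000 + 2000000000: %s\n",
           checked_add(2000000000, 2000000000, &r) ? "ok" : "overflow");
    /* 32800 is the slide's example; it exceeds SHRT_MAX on a 16-bit short */
    printf("32800 -> short: %s\n", checked_narrow(32800L, &s) ? "ok" : "truncation");
    return 0;
}
```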

4 Input Validation Think about inputs that can break this program

5 Input Validation
Check your input:
Type: data type.
Range: Verify that numbers are within a range.
Plausibility: Check that values make sense.
Presence check: Guarantee presence of important data.
Length: Input that is either too long or too short will not be legitimate.
Format: Dates, credit card numbers, and other data types have limitations on the number of digits and any other characters used for separation.
Checksums: Identification numbers such as bank accounts often have check digits: additional digits included at the end of a number to provide a verifiability check. The check digit is determined by a calculation based on the remaining digits; if the check digit does not match the result of the calculation, either the ID is bad or the check digit is bad. In either case, the number should be rejected as invalid.
Use appropriate language tools: The safety of tools that read user input varies across programming languages and systems. Some languages, such as C and C++, have library calls that read user input into a character buffer without checking the bounds of that buffer, causing both a buffer overflow and an input validation problem. Alternative libraries specifically designed with security in mind are often more robust.
Recover appropriately: A robust program will respond to invalid input in a manner that is appropriate, correct, and secure. For user input, this will often mean providing an informative error message and requesting re-entry of the data. Invalid input from other sources, such as a network connection, may require alternate measures. Arbitrary decisions such as truncating or otherwise reformatting data to "make it fit" should be avoided.
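Added example (not part of the slides): the presence, length, format and checksum checks from this slide applied to a card number, with the Luhn mod-10 check digit used as the checksum. The 12 to 19 digit length range and the status codes are this example's own assumptions; the sample inputs are constructed.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
/* Status codes let the caller recover appropriately (report the specific
 * problem and ask for re-entry) instead of "fixing" the input. */
enum id_status { ID_OK, ID_MISSING, ID_BAD_LENGTH, ID_BAD_FORMAT, ID_BAD_CHECKSUM };

/* Luhn (mod 10) check digit: from the rightmost digit, double every second
 * digit, subtract 9 from any result above 9, and sum all digits; the number
 * is valid when the sum is a multiple of 10. */
static bool luhn_valid(const char *digits, size_t len)
{
    int sum = 0;
    bool dbl = false;
    for (size_t i = len; i-- > 0; ) {
        int d = digits[i] - '0';
        if (dbl) {
            d *= 2;
            if (d > 9) d -= 9;
        }
        sum += d;
        dbl = !dbl;
    }
    return sum % 10 == 0;
}

/* Checks in the slide's order: presence, length, format (digits only, no
 * separators), then checksum. 12..19 digits is an assumed length range. */
enum id_status validate_card_number(const char *input)
{
    if (input == NULL || input[0] == '\0')
        return ID_MISSING;
    size_t len = strlen(input);
    if (len < 12 || len > 19)
        return ID_BAD_LENGTH;
    for (size_t i = 0; i < len; i++)
        if (!isdigit((unsigned char)input[i]))
            return ID_BAD_FORMAT;   /* do not strip separators to "make it fit" */
    return luhn_valid(input, len) ? ID_OK : ID_BAD_CHECKSUM;
}

int main(void)
{
    /* constructed sample inputs; 4111111111111111 is a well-known Luhn-valid test value */
    const char *samples[] = { "4111111111111111", "4111111111111112", "4111 1111 1111 1111", "", "12345" };
    for (size_t i = 0; i < 5; i++)
        printf("\"%s\" -> status %d\n", samples[i], (int)validate_card_number(samples[i]));
    return 0;
}
```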

6 Buffer Overflow

7 Buffer Overflow

8 Avoiding Buffer Overflow
Mind your indices! Validate your input. Always check values that are input as an array index. Check your loops! Especially watch the limit, and beware of off-by-one errors. Check any methods that may modify an array index.
Make sure you have enough space: Before copying data to a fixed-size block, make sure it is large enough to hold the new data. Do not copy more data than your available space can hold.
Validate indices: If you have an integer variable, declare it as an unsigned int and verify that it is within the proper bounds before you use it as an index to an array. This validation is particularly important for any values that might have come from untrusted sources such as user input, network data, or untrusted files.
When possible, use buffer-size accessors: Some languages—such as Java—provide operators that can be used to retrieve the size of an array. Using these operators can help you avoid buffer overflow.
Use alternative data structures that reduce the risk of overflows: When possible, use vectors and iterators instead of arrays and integer-indexed loops. These tools will not eliminate the problem, but will greatly reduce the risk of buffer overflow.
Try to avoid allocating storage until you know how much you need: When possible, wait to allocate memory until after you know how much space you need. In some cases, this may mean allocating a new buffer instead of reusing an old one.
Send the size of the array along with the array: If you're using an array as an argument to a function, be sure to send the size of the array to the function as well. This value can be used as an upper limit on array indices.
Avoid risky functions: Some languages have a variety of library functions that may lead to buffer overflow vulnerabilities. If you are using any library functions for reading user data, copying data, or allocating/freeing blocks of data, understand the appropriate uses of these functions. In many cases, more secure versions of risky functions are available—use these instead.
Use your tools: Many compilers provide warnings in cases of potential buffer overflows. Use high warning settings, and fix your code to avoid these warnings. Use static analysis tools to analyze your source code, or use dynamic analysis tools to examine and report on the state of your program while running.
Handle exceptions with care: Checking for and responding to potential overflows in your code, instead of relying on the exception-handling mechanism, will make your code more robust and secure.
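Added example (not from the slides): two of the slide's rules in C, a copy that receives the destination size along with the buffer and refuses input that does not fit, and an array accessor that takes the array length and an unsigned index so one comparison rejects both out-of-range and off-by-one indices. Function names and the sample data are this example's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Copy src into dst, which is dst_size bytes long, and always terminate.
 * Because the size travels with the buffer, the callee can refuse input
 * that does not fit instead of writing past the end. On refusal dst is
 * left empty and the caller decides how to recover (e.g. ask again). */
bool bounded_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || dst_size == 0 || src == NULL)
        return false;
    size_t src_len = strlen(src);
    if (src_len >= dst_size) {       /* no room for the data plus '\0' */
        dst[0] = '\0';
        return false;
    }
    memcpy(dst, src, src_len + 1);   /* fits, terminator included */
    return true;
}

/* Index validation: idx is unsigned (size_t) and len is passed alongside
 * the array, so idx >= len catches negative-turned-huge values as well as
 * the off-by-one case idx == len. */
bool get_element(const int *arr, size_t len, size_t idx, int *out)
{
    if (arr == NULL || idx >= len)
        return false;
    *out = arr[idx];
    return true;
}

int main(void)
{
    char name[8];                    /* fixed-size buffer: 7 chars + '\0' */
    int values[4] = { 10, 20, 30, 40 }, v;
    printf("copy \"alice\": %s\n", bounded_copy(name, sizeof name, "alice") ? "ok" : "rejected");
    printf("copy \"too-long-name\": %s\n",
           bounded_copy(name, sizeof name, "too-long-name") ? "ok" : "rejected");
    printf("values[3]: %s\n", get_element(values, 4, 3, &v) ? "ok" : "rejected");
    printf("values[4]: %s\n", get_element(values, 4, 4, &v) ? "ok" : "rejected (off by one)");
    return 0;
}
```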

9 Resources _Checklist 10+Secure+Coding+Practices

