Secure Code Scanners Cameron Davidson.


Slide 1: Secure Code Scanners
Cameron Davidson

Slide 2: Secure Code Analysis by definition
- Scanning an application for security vulnerabilities, usually by examining the source code itself.
- Matches are displayed to the user, usually with an explanation of the vulnerability and, where one is known, a suggested fix.
- Manual review is time consuming; a scanner narrows the review down to the locations it flags.

Slide 3: Scanner Variety
- Pattern matching
- Behavior matching
- Unit level
- Technology level
- System level

Slide 4: Importance
- Features
- Deadlines
- Risk acceptance

Slide 5: Common Mistakes
- Hard-coded authentication credentials
- Missing input checks
- Missing or weak data encryption
- Layer 8, the human layer

Slide 6: UDP Chat Program
- Standalone client/server base
- Multi-threaded
- Command-line
- C++

Slide 7: UDP Chat Program
- Prompts for a username
- Broadcasts the username
- Other instances of the program receive these broadcasts
- The user picks a username from the list
- A chat request is sent
- The other user responds to the request

Slide 8: Flawfinder
- C/C++ source code scanner
- Static scans (the code is never executed)
- Command-line
- Open source
- Reports findings sorted by risk level (Flawfinder rates each hit from 0 to 5)

Slide 9: RATS
- Rough Auditing Tool for Security
- Similar to Flawfinder
- Besides C/C++, ships vulnerability databases for Perl, PHP, and Python
- Performs basic analysis to rule out some non-problematic conditions, so it reports fewer false positives than pure pattern matching
- Suggests possible known remedies

Slide 10: Cppcheck
- Static analysis
- Automatic (local) variable checking
- Array bounds checking
- Class checking (unused functions, variable initialization, memory duplication)
- Deprecated/superseded functions

Slide 11: Cppcheck (continued)
- Exception safety checks
- Memory leaks
- Resource leaks
- Invalid STL function use
- Stylistic/performance errors

Slide 12: Scan Results: Fixed Size String Buffer
- The scanner's concern: a fixed-size buffer may be too small to hold the data written into it.
- A C string is a char array (char[]) whose end is marked by a terminating null character; if the terminator is never written, string functions keep reading past the buffer.
- C++ performs no bounds checking on arrays.
- A write that fills the buffer and keeps going overwrites whatever memory sits next to it (a buffer overflow).

Slide 13: Scan Results: Fixed Size String Buffer
- Alternative considered: dynamic allocation sized to the incoming data.
- Fix used: the buffer size is a single integer constant: datagram packet body size = 255, plus 1 reserved for the terminating null character (256 bytes in total).
- Every copy into the buffer has to respect that same constant, otherwise the extra byte for the null character buys nothing.

Slide 14: Scan Results: strcpy
- Copies a source string into a destination string (buffer): strcpy(destinationString, sourceString)
- Copies until it finds the source's null terminator; no check is made against the size of the destination buffer

Slide 15: Scan Results: strcpy Alternatives
- strncpy
  - Takes a third parameter, the size of the destination buffer (n)
  - Copies at most n characters of the source and disregards the rest
  - Caveat: if the source is n characters or longer, strncpy writes no terminating null; the caller must set destination[n - 1] = '\0' itself. If the source is shorter than n, the remaining bytes are padded with nulls.
- strlcpy
  - Similar to strncpy, but copies at most size - 1 characters of the source and always writes the null character into the final slot
  - Returns the length of the source, so truncation can be detected (return value >= size)
  - Caveat: not part of standard C; available on the BSDs and macOS, and in glibc from version 2.38
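The following is an added example, not code from the presentation or from the chat program it describes. It shows the three points of slides 12 to 15 together: the 255 + 1 buffer sizing, the strncpy pitfall (no terminator when the source fills the buffer), and an strlcpy-style copy. Because strlcpy is not portable, the block implements the same semantics in a local function named safe_copy; the names safe_copy, strncpy_terminated, store_username and the constants DATAGRAM_BODY/NAME_BUF are chosen for this example and do not appear on the slides. The 300-byte datagram in main() is constructed test input.

```cpp
// Added example (not from the presentation): fixed-size string buffers in a
// UDP chat program. Assumes the slide's sizing: a 255-byte datagram body
// plus 1 byte reserved for the terminating null character.
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <string>

constexpr std::size_t DATAGRAM_BODY = 255;           // max payload bytes
constexpr std::size_t NAME_BUF = DATAGRAM_BODY + 1;  // +1 for '\0'

// strlcpy-style copy (strlcpy is not standard C, so an equivalent is written
// here). Copies at most size-1 bytes, always null-terminates when size > 0,
// and returns strlen(src) so the caller can detect truncation (result >= size).
std::size_t safe_copy(char* dst, const char* src, std::size_t size) {
    std::size_t srclen = std::strlen(src);
    if (size == 0) return srclen;
    std::size_t n = std::min(srclen, size - 1);
    std::memcpy(dst, src, n);
    dst[n] = '\0';
    return srclen;
}

// The strncpy pitfall: when the source has n or more characters, strncpy
// writes no terminator. Returns true if the first n bytes of the destination
// contain a '\0', i.e. the result is still a valid C string.
bool strncpy_terminated(const char* src, std::size_t n) {
    char dst[16];
    if (n > sizeof dst) return false;   // keep the demo itself in bounds
    std::strncpy(dst, src, n);
    return std::memchr(dst, '\0', n) != nullptr;
}

// A datagram payload is a byte count plus bytes, not a C string: recvfrom()
// returns the length and never appends '\0'. So strcpy on a raw payload is
// wrong twice over. Copy by length, clamp to the buffer, terminate explicitly.
std::string store_username(const unsigned char* payload, std::size_t len) {
    char name[NAME_BUF];
    std::size_t n = std::min(len, DATAGRAM_BODY);  // never more than 255 bytes
    std::memcpy(name, payload, n);
    name[n] = '\0';                                 // the reserved 256th slot
    return std::string(name);
}

int main() {
    char buf[8];
    // Source longer than the buffer: copied as "longuse" plus '\0'.
    std::size_t want = safe_copy(buf, "longusername", sizeof buf);
    bool truncated = want >= sizeof buf;   // true: caller can log or reject
    (void)truncated;

    // Constructed oversized datagram: 300 bytes of 'A', clamped to 255.
    unsigned char pkt[300];
    std::memset(pkt, 'A', sizeof pkt);
    std::string u = store_username(pkt, sizeof pkt);
    return u.size() == DATAGRAM_BODY ? 0 : 1;
}
```

The truncation return value matters for a chat program: a username silently cut to 255 bytes is harmless, but the same pattern applied to a protocol field would make two clients disagree on what was sent, so the caller should decide whether to reject rather than truncate.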

Slide 16: Scan Results: gethostbyname
- Part of the classic resolver API used alongside the socket calls that read and send data over the network
- Easy conversion from a domain name to an IP address
- Deprecated function (obsolescent in POSIX.1-2001, dropped from POSIX.1-2008); it returns a pointer to static storage, so it is not thread-safe, which matters for a multi-threaded chat program
- Does not work well with newer protocols (in practice IPv4 only, no IPv6)
- Attackers who can forge DNS results control what the function returns; a result copied into a fixed-size buffer without a length check is another buffer overflow

Slide 17: Scan Results: gethostbyname
- Newer, sleeker replacement: getaddrinfo
- Full compatibility with IPv6 and newer protocols
- A hints parameter specifies the desired address family, socket type and protocol (for the chat program: SOCK_DGRAM / UDP)
- Returns a linked list of results that the caller releases with freeaddrinfo; no static storage, so it is safe to call from several threads
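The following is an added example, not code from the presentation or the chat program: a getaddrinfo() replacement for gethostbyname() that asks for UDP endpoints of either address family. The function name resolve_udp and its numeric_only parameter are chosen for this example. With AI_NUMERICHOST set, getaddrinfo only accepts IP literals and never queries DNS, which is what lets the block run offline; a real client would pass numeric_only = false to resolve hostnames. It assumes a POSIX socket API (Linux, BSD, macOS).

```cpp
// Added example (not from the presentation): resolving a peer for a UDP
// socket with getaddrinfo() instead of the obsolete gethostbyname().
#include <netdb.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <cstring>
#include <string>
#include <vector>

// Resolves host:port into printable "addr:port" strings suitable for a UDP
// socket. Returns the number of addresses found, or -1 with err set to the
// gai_strerror() text. numeric_only (AI_NUMERICHOST) refuses anything that is
// not an IP literal, so no DNS lookup happens.
int resolve_udp(const std::string& host, const std::string& port,
                std::vector<std::string>& out, std::string& err,
                bool numeric_only = true) {
    struct addrinfo hints;
    std::memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;        // IPv4 or IPv6, unlike gethostbyname
    hints.ai_socktype = SOCK_DGRAM;     // UDP, as the chat program uses
    hints.ai_protocol = IPPROTO_UDP;
    hints.ai_flags = AI_NUMERICSERV;    // port is always given as a number here
    if (numeric_only) hints.ai_flags |= AI_NUMERICHOST;

    struct addrinfo* res = nullptr;
    int rc = getaddrinfo(host.c_str(), port.c_str(), &hints, &res);
    if (rc != 0) {
        err = gai_strerror(rc);         // std::string grows; nothing fixed-size
        return -1;
    }

    int count = 0;
    for (struct addrinfo* p = res; p != nullptr; p = p->ai_next) {
        // getnameinfo() with NI_NUMERICHOST formats the sockaddr as text
        // without a reverse lookup. INET6_ADDRSTRLEN (46) is the largest
        // numeric address the API will produce; ports need at most 5 digits.
        char hbuf[INET6_ADDRSTRLEN];
        char sbuf[16];
        if (getnameinfo(p->ai_addr, p->ai_addrlen, hbuf, sizeof hbuf,
                        sbuf, sizeof sbuf,
                        NI_NUMERICHOST | NI_NUMERICSERV) == 0) {
            out.push_back(std::string(hbuf) + ":" + sbuf);
            ++count;
        }
    }
    freeaddrinfo(res);   // heap-allocated list, unlike gethostbyname's static hostent
    return count;
}

int main() {
    std::vector<std::string> addrs;
    std::string err;
    int n = resolve_udp("127.0.0.1", "5000", addrs, err);
    return n > 0 ? 0 : 1;
}
```

The loop over ai_next is the part gethostbyname() callers usually get wrong when porting: a hostname may resolve to several addresses, and a client should try each one in turn rather than assuming the first entry is usable.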

Slide 18: In Conclusion
- Network-based applications should be designed with higher security in mind from the start
- Use code scanners
  - Reduce review time
  - Reduce development costs
  - A more refined system
- Know that people use your software

