Updating headings on every page
@@ -4,7 +4,7 @@ date: 2021-09-01
|
||||
draft: false
|
||||
---
|
||||
|
||||
# Introduction
|
||||
## Introduction
|
||||
|
||||
Welcome to the next series, summarizing themes in "Secure Coding in C and C++" by Robert C. Seacord. We are currently going through this book in our work book club and there are a lot of good themes that seem to be threaded through the book. These are my notes, thoughts, and summaries on some of what I've read and our book club have discussed.
|
||||
|
||||
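Review bot: the `# Introduction` to `## Introduction` change at the top of this hunk, repeated for every heading in the commit, leaves the post body without a level-1 heading, and the commit message does not say why. If the theme renders the front-matter title as the page's top-level heading, state that in the commit message so the demotion is not reverted later.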
@@ -12,11 +12,11 @@ This is written for an audience that has a broad overview of security concepts.
|
||||
|
||||
The first theme to discuss is always `null` terminating `char *` or `char array` buffers (unless you have a *very* specific reason for not). This is very important to help prevent buffer overflows, reading arbitrary memory, accessing 'inaccessible' memory.
|
||||
|
||||
# Functions Needing null
|
||||
## Functions Needing null
|
||||
|
||||
One of the important reasons to `null` terminate is there are several very common functions that require `null` termination. Even some that you wouldn't necessarily think of. Without having `null` at the end of the buffer, it creates a situation where things could go wrong.
|
||||
|
||||
## String Copy
|
||||
### String Copy
|
||||
|
||||
The first set of functions to look at are copying strings. These not only need to be `null` terminated, but they also need to be properly allocated. Memory allocation will be discussed further in another post. First I'm going to throw a table at you, it gives a summary of string copy functions and how they handle some of the issues. We will discuss further after the table.
|
||||
|
||||
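Review bot: the `## Functions Needing null` heading changed in this hunk keeps the lowercase `null`, which in C reads as the null pointer rather than the string terminator. Since the line is being edited anyway, consider `NUL` or `'\0'` here and in the surrounding text, for example `## Functions Needing a NUL Terminator`.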
@@ -29,7 +29,7 @@ The first set of functions to look at are copying strings. These not only need t
|
||||
|
||||
Lets go over each function:
|
||||
|
||||
### strcpy
|
||||
#### strcpy
|
||||
|
||||
```c
|
||||
strcpy(char *dest, char *src)
|
||||
@@ -44,7 +44,7 @@ This function is super basic and needs a lot of careful programming. The destina
|
||||
|
||||
Arbitrary memory reads can be a problem since it could mean revealing data meant to be secret. Depending on where memory is allocated, sensitive data could be revealed to the user.
|
||||
|
||||
### strncpy
|
||||
#### strncpy
|
||||
|
||||
```c
|
||||
strncpy(char *dest, char *src, size_t dest_len)
|
||||
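Review bot: the `strncpy(char *dest, char *src, size_t dest_len)` prototype in the context lines of this hunk omits the return type and the `const` on `src`, as does the `strcpy` prototype in the previous hunk, while the `strlcpy` and `strdup` prototypes further down include both. Since the commit touches each of these sections, consider aligning them: `char *strncpy(char *dest, const char *src, size_t dest_len)` and `char *strcpy(char *dest, const char *src)`.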
@@ -58,7 +58,7 @@ The only thing it does is *helps* with buffer overflows. However, if the `dest_l
|
||||
|
||||
So `strncpy` can still read arbitrary memory and can still buffer overflow (tho overflows are more difficult).
|
||||
|
||||
### strlcpy
|
||||
#### strlcpy
|
||||
|
||||
```c
|
||||
size_t strlcpy(char *dst, const char *src, size_t size)
|
||||
@@ -73,7 +73,7 @@ Point one is great so you don't need to worry as much about pre setting the memo
|
||||
|
||||
Point two is good so you can compare `size` to the return value to see if the source was truncated.
|
||||
|
||||
### strdup
|
||||
#### strdup
|
||||
|
||||
```c
|
||||
char *strdup(const char *s);
|
||||
@@ -85,12 +85,12 @@ The only thing to note is that it reads until the `null` terminator.
|
||||
|
||||
One important thing to note, the returned value must be `free`'d
|
||||
|
||||
## Sensing a Theme
|
||||
### Sensing a Theme
|
||||
|
||||
See the theme yet ... **`null` terminate all character buffers**
|
||||
|
||||
Every one of these functions require the source to be `null` terminated. If they are not, or if there is a `null` in the middle, it will cause issues!
|
||||
|
||||
# Conclusion
|
||||
## Conclusion
|
||||
|
||||
`null` terminating is very important to prevent accessing or writing to memory locations that should not be accessed. In this post we discussed copying strings. In the next post, we will continue this theme with concatenating strings.
|
||||
|
||||