[PDF] [PDF] Secure Software Programming and Vulnerability Analysis Race

[PDF] Comparative Assessment of Static Analysis Tools for Software

RATS [3] for their ability to detect vulnerabilities in applications written the C More specifically, for the fopen() function, Flawfinder detected 64, while ITS4 

[PDF] How to Open a File and Not Get Hacked - Computer Sciences Dept

stitutes for conventional POSIX open and fopen calls 1 Introduction a vulnerability in the program different file system objects and can be used to exploit a

[PDF] Secure Software Programming and Vulnerability Analysis Race

Window of vulnerability can be very short open the file, using the file name (e g , using fopen(3)) – four levels of RATS (Rough Auditing Tool for Security)

[PDF] Race conditions

Software defect/vulnerability resulting from unanticipated execution ordering of Open with fopen() ○ Checks to Flawfinder and RATS – best public domain

[PDF] Security Vulnerability Verification through Contract-Based Assertion

vulnerability types, combining our contracts with existing static analysis detection are com/security-resources/rats jsp Detect se if ((fp = fopen(fileName, ”r”)))

[PDF] Merging Static Analysis and Model Checking for Improved Security

external source to a vulnerable function without appropriate input validation I will present While ITS4 and Flawfinder target C and C++, RATS is also able to analyze Perl, PHP, and Python code FILE *file = fopen(path, "r"); 8 char c; 9

[PDF] Buffer Overflow Attacks: Detect, Exploit, Prevent

izes in Windows security and vulnerability detection, as well as programs in Assembly, C memory"); 56 if((fp = fopen(argv[2], "rb"))) barf("failed to open file" );

[PDF] raw socket python

[PDF] rayon de la terre

[PDF] rayon de la terre en km

[PDF] rayon de la terre en m

[PDF] raz and dworkin

[PDF] rb digital canada

[PDF] rbdigital vs flipster

[PDF] rdm 6

[PDF] rdm flexion exercice corrigé pdf

[PDF] rdm flexion poutre

[PDF] rdm6 flexion telecharger

[PDF] reaction acide base exercices corrigés pdf

[PDF] reactions of alkyl halides

[PDF] reactions of alkyl halides pdf

[PDF] reactions of amides pdf

Automation Systems Group

Secure Software Programming

and Vulnerability Analysis

Christopher Kruegel chris@auto.tuwien.ac.at

http://www.auto.tuwien.ac.at/~chris

Secure Software Programming2

Automation Systems Group

Race Conditions

Secure Software Programming3

Automation Systems Group

Overview

•Parallel execution of tasks -multi-process or multi-threaded environment -tasks can interact with each other •Interaction -shared memory (or address space) -file system -signals •Results of tasks depends on relative timing of events !Indeterministic behavior

Secure Software Programming4

Automation Systems Group

Race Conditions

•Race conditions -alternative term for indeterministic behavior -often a robustness issue -but also many important security implications •Assumption needs to hold for some time for correct behavior, but assumption can be violated •Time window when assumption can be violated !window of vulnerability

Secure Software Programming5

Automation Systems Group

Race Conditions

•Window of vulnerability can be very short -race condition problems are difficult to find with testing and difficult to reproduce -attacker can slow down victim machine to extend window and can often launch many attempts •Deadlock -special form of race condition -two processes are preventing each other from accessing a shared resource, resulting in both processes ceasing to function

Secure Software Programming6

Automation Systems Group

Race Conditions

•General assumption -sequence of operations •is not atomic •can be interrupted at any time for arbitrary lengths -use proper countermeasures to ensure deterministic results !Synchronization primitives •Locking -can impose performance penalty -critical section has to be a small as possible

Secure Software Programming7

Automation Systems Group

Race Conditions

•Case study public class Counter extends HttpServlet { int count = 0; public void doGet(HttpServletRequest in,

HttpServletResponse out)

out.setContentType("text/plain");

Printwriter p = out.getWriter();

count++; p.println(count + " hits so far!");

Secure Software Programming8

Automation Systems Group

Race Conditions

•Time-of-Check, Time-of-Use (TOCTOU) -common race condition problem -problem:

Time-Of-Check (t

1 ): validity of assumption A on entity E is checked

Time-Of-Use (t

2 ): assuming A is still valid, E is used

Time-Of-Attack (t

3 ): assumption A is invalidated t 1 t 3 < t 2 •Program has to execute with elevated privilege -otherwise, attacker races for his own privileges

Secure Software Programming9

Automation Systems Group

TOCTOU

•Steps to access a resource

1.obtain reference to resource

2.query resource to obtain characteristics

3.analyze query results

4.if resource is fit, access it

•Often occurs in Unix file system accesses -check permissions for a certain file name (e.g., using access(2)) -open the file, using the file name (e.g., using fopen(3)) -four levels of indirection (symbolic link - hard link - inode - file descriptor) •Windows uses file handles and includes checks in API open call

Secure Software Programming10

Automation Systems Group

Overview

•Case study /* access returns 0 on success */ if(!access(file, W_OK)) { f = fopen(file, "wb+"); write_to_file(f); } else { fprintf(stderr, "Permission denied when trying to open %s.\n", file);quotesdbs_dbs7.pdfusesText_5