CSC 1029 Week 12 Buffer Overflow PDF
Document Details
Uploaded by DivineZebra9695
Red Rocks Community College
Summary
This document is a lecture on buffer overflows. It covers common coding exploits, vulnerabilities in legacy and object-oriented programming languages, mitigation strategies, and specific cases like the Heartbleed bug. It provides an overview of buffer overflow attacks and their potential consequences.
Full Transcript
CSC 1029
BUFFER OVERFLOWS

OBJECTIVES
Illustrate common coding exploitations and vulnerabilities.
Explain secure code issues found in legacy and object-oriented programming (OOP) languages
Develop and deploy mitigation strategies for buffer overflows

AGENDA: WEEK 12
1. Buffer Overflow Overview
2. Heartbleed Bug
3. C-String Vulnerabilities & std::string
4. Index-Out-Of-Bounds
5. Off-By-One errors
6. Consequences Buffer Attacks
7. Mitigating Buffer Overflow
8. TODO & Resources for Help

BUFFER OVERFLOW OVERVIEW
Buffer overflows are a primary source of software vulnerabilities.
Type-unsafe languages, such as C and C++, are especially prone to such vulnerabilities.
A buffer overflow occurs when you allow the user to enter more data than your program was expecting, thereby allowing arbitrary modifications to memory.
At the code level, buffer overflow vulnerabilities usually involve the violation of a programmer’s assumptions.

HEARTBLEED BUG FROM 10 YEARS AGO
Review the article: https://www.csoonline.com/article/3223203/the-heartbleed-bug-how-a-flaw-in-openssl-caused-a-security-crisis.html
What is the vulnerability?
What is the cost?
Is the Heartbleed bug still an issue?
What other items did you learn from the article?

DEFEATING BUFFER OVERFLOW
Buffer overflows cause failures because data is read or written in ways that are entirely foreign to what the programmer plans.
Memory contains information, such as the address of the next instruction to execute after returning from a function, calling parameters, variables used in the function, data structures, and permission flags set by the operating system. Writing outside an array could change any of these.
In the worst-case scenario, adversaries could cause the program to gain extra permission or make the program execute arbitrary code.
Reading beyond array boundaries could retrieve sensitive data, such as old passwords, that are left in memory after they are processed.
(https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=921507)

C-STRING BUFFER VULNERABILITY
C-Strings are a sequence of characters stored in a char array.
C-Strings MUST be null-terminated: '\0'

char cName;
strcpy(cName, "RedRocks");

 0   1   2   3   4   5   6   7
'R' 'e' 'd' 'R' 'o' 'c' 'k' 's'

What is the problem with ? overflow

C++ STD::STRING
C++ String is managed through the std::string class at run-time.
A C++ std::string uses a pointer to a character array on the heap, which can still be compromised.
std::string does include some built-in security handling on some of the member functions (i.e., at)
In the PearDeck code demo, replace the subscript [] operator with the at member function, and change the for loop to read beyond the size

INDEX-OUT-OF-BOUNDS
Read the given linked article and the following two articles:
Accessing an array out of bounds in C/C++
https://www.codingninjas.com/studio/library/accessing-an-array-out-of-bounds-in-cc
Why accessing an array out of bounds does not give any error in C++?
https://www.tutorialspoint.com/Why-accessing-an-array-out-of-bounds-does-not-give-any-error-in-Cplusplus

OFF-BY-ONE ERRORS
Read the following linked PearDeck article regarding Off-By-One Errors
Review the tutorial http://www.cs.iit.edu/~cs561/cs115/looping/off-by-one.html

CONSEQUENCES OF BUFFER ATTACK
System crashes: A buffer overflow attack will typically lead to the system crashing. It may also result in a lack of availability and programs being put into an infinite loop.
Access control loss: A buffer overflow attack will often involve the use of arbitrary code, which is often outside the scope of programs’ security policies.
Further security issues: When a buffer overflow attack results in arbitrary code execution, the attacker may use it to exploit other vulnerabilities and subvert other security services.
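Added example, not part of the original slides: the C-string copy, the std::string at() demo and the off-by-one loop from the slides above, worked in C++. The 8-element size of cName is an assumption taken from the 0-7 index diagram, and bytes_needed, bounded_copy and first_rejected_index are hypothetical helper names.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <stdexcept>
#include <string>

// Bytes a C-string copy needs: every character plus the '\0' terminator.
std::size_t bytes_needed(const char* src) { return std::strlen(src) + 1; }

// Bounded replacement for strcpy: writes at most dst_size bytes and
// null-terminates what it writes. Returns false on invalid arguments
// or when src had to be truncated to fit.
bool bounded_copy(char* dst, std::size_t dst_size, const char* src) {
    if (dst == nullptr || src == nullptr || dst_size == 0) return false;
    std::size_t len = std::strlen(src);
    std::size_t n = (len < dst_size) ? len : dst_size - 1;
    std::memcpy(dst, src, n);
    dst[n] = '\0';
    return len < dst_size;
}

// Off-by-one loop (<= where < was meant) reading a std::string with at().
// at() validates the index and throws std::out_of_range; operator[] does
// no bounds check. Returns the rejected index, or -1 if nothing was rejected.
long first_rejected_index(const std::string& s) {
    std::size_t i = 0;
    try {
        for (; i <= s.size(); ++i) {  // bug on purpose: should be i < s.size()
            (void)s.at(i);
        }
    } catch (const std::out_of_range&) {
        return static_cast<long>(i);
    }
    return -1;
}

int main() {
    char cName[8];  // assumed size, taken from the slide's 0..7 diagram
    const char* src = "RedRocks";
    bool fit = bounded_copy(cName, sizeof cName, src);
    std::printf("needs %zu bytes, buffer holds %zu, fit=%d, stored=\"%s\"\n",
                bytes_needed(src), sizeof cName, fit ? 1 : 0, cName);
    std::printf("at() rejected index %ld\n", first_rejected_index(src));
    return 0;
}
```

"RedRocks" needs 9 bytes, so an 8-byte buffer has no room for the terminator; the bounded copy reports the truncation, and at() stops the off-by-one read at index 8.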
MITIGATING BUFFER OVERFLOW
Read the article from InfoSec: https://resources.infosecinstitute.com/topics/secure-coding/how-to-mitigate-buffer-overflow-vulnerabilities/
What is the general idea behind each of the following mitigation strategies?
1. Writing secure code
2. Making use of compiler warnings
3. Stack canaries
4. Data execution prevention (DEP)
5. Address space layout randomization (ASLR)

EARN YOUR PRE-WORK GRADE
Post your weekly discussion question and research solution to D2L

TODO
Complete Week 12 Content Module in D2L to 100%

WHAT'S COMING UP NEXT...WEEK 13

QUESTIONS | CLARIFICATIONS | HELP
Student Office Hours: Schedule Meeting with Julie
  o By Appointment (both on-campus and remote via Zoom)
  o Drop-In Times Available (on-campus)
Email: [email protected]
RRCC On Campus Tutoring: https://www.rrcc.edu/learning-commons/tutoring
24/7 Online Tutoring: D2L > Content > Resources for Help