وبلاگ بلیان

کدنویسی امن در C و C++ (سری SEI در مهندسی نرم‌افزار)

Secure Coding in C and C++ (SEI Series in Software Engineering)

معرفی کتاب «کدنویسی امن در C و C++ (سری SEI در مهندسی نرم‌افزار)» (با عنوان لاتین Secure Coding in C and C++ (SEI Series in Software Engineering)) نوشتهٔ Seacord, Robert C.، منتشرشده توسط نشر Addison-Wesley Professional در سال 2005. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

""The security of information systems has not improved at a rate consistent with the growth and sophistication of the attacks being made against them. To address this problem, we must improve the underlying strategies and techniques used to create our systems. Specifically, we must build security in from the start, rather than append it as an afterthought. That's the point of" Secure Coding in C and C++. "In careful detail, this book shows software developers how to build high-quality systems that are less vulnerable to costly and even catastrophic attack. It's a book that every developer should read before the start of any serious project." --Frank Abagnale, author, lecturer, and leading consultant on fraud prevention and secure documents" Learn the Root Causes of Software Vulnerabilities and How to Avoid Them Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Having analyzed nearly 18,000 vulnerability reports over the past ten years, the CERT/Coordination Center (CERT/CC) has determined that a relatively small number of root causes account for most of them. This book identifies and explains these causes and shows the steps that can be taken to prevent exploitation. Moreover, this book encourages programmers to adopt security best practices and develop a security mindset that can help protect software from tomorrow's attacks, not just today's. Drawing on the CERT/CC's reports and conclusions, Robert Seacord systematically identifies the program errors most likely to lead to security breaches, shows how they can be exploited, reviews the potential consequences, and presents secure alternatives. Coverage includes technical detail on how to Improve the overall security of any C/C++ applicationThwart buffer overflows and stack-smashing attacks that exploit insecure string manipulation logicAvoid vulnerabilities and security flaws resulting from the incorrect use of dynamic memory management functionsEliminate integer-related problems: integer overflows, sign errors, and truncation errorsCorrectly use formatted output functions without introducing format-string vulnerabilitiesAvoid I/O vulnerabilities, including race conditions Secure Coding in C and C++ presents hundreds of examples of secure code, insecure code, and exploits, implemented for Windows and Linux. If you're responsible for creating secure C or C++ software--or for keeping it safe--no other book offers you this much detailed, expert assistance. Cover......Page 1 Contents......Page 6 Foreword......Page 14 Preface......Page 18 About the Author......Page 24 Chapter 1 Running with Scissors......Page 26 1.1 Gauging the Threat......Page 29 What Is the Cost?......Page 30 Who Is the Threat?......Page 31 Software Security......Page 34 1.2 Security Concepts......Page 35 Security Flaws......Page 37 Vulnerabilities......Page 38 Exploits......Page 39 Mitigations......Page 40 A Brief History......Page 41 What Is the Problem with C?......Page 42 Legacy Code......Page 43 1.4 Development Platforms......Page 44 Operating Systems......Page 45 Compilers......Page 46 1.5 Summary......Page 48 1.6 Further Reading......Page 49 2.1 String Characteristics......Page 50 Strings in C++......Page 51 Unbounded String Copies......Page 52 Off-by-One Errors......Page 55 Null-Termination Errors......Page 56 String Errors without Functions......Page 57 2.3 String Vulnerabilities......Page 58 Security Flaw......Page 59 Buffer Overflows......Page 60 2.4 Process Memory Organization......Page 61 Stack Management......Page 62 2.5 Stack Smashing......Page 65 2.6 Code Injection......Page 69 2.7 Arc Injection......Page 73 Prevention......Page 76 String Streams......Page 89 Detection and Recovery......Page 92 Kerberos......Page 97 Metamail......Page 98 2.10 Summary......Page 99 2.11 Further Reading......Page 100 Chapter 3 Pointer Subterfuge......Page 102 3.2 Function Pointers......Page 103 3.3 Data Pointers......Page 105 3.4 Modifying the Instruction Pointer......Page 106 3.5 Global Offset Table......Page 108 3.6 The .dtors Section......Page 109 3.7 Virtual Pointers......Page 112 3.8 The atexit() and on_exit() Functions......Page 113 3.9 The longjmp() Function......Page 115 Structured Exception Handling......Page 117 System Default Exception Handling......Page 119 Canaries......Page 120 3.13 Further Reading......Page 121 Chapter 4 Dynamic Memory Management......Page 122 4.1 Dynamic Memory Management......Page 123 Initialization......Page 125 Failing to Check Return Values......Page 127 Freeing Memory Multiple Times......Page 129 Failure to Distinguish Scalars and Arrays......Page 131 4.3 Doug Lea's Memory Allocator......Page 132 Memory Management......Page 133 Buffer Overflows......Page 136 Double-Free Vulnerabilities......Page 142 Memory Management in Win32......Page 145 RtlHeap Data Structures......Page 148 Buffer Overflows......Page 151 Buffer Overflows (Redux)......Page 154 Writing to Freed Memory......Page 158 Double-Free......Page 159 Look-Aside Table......Page 162 Consistent Memory Management Conventions......Page 163 Heap Integrity Detection......Page 164 phkmalloc......Page 165 Randomization......Page 166 OpenBSD......Page 167 Runtime Analysis Tools......Page 168 Windows XP SP2......Page 170 4.6 Notable Vulnerabilities......Page 171 Microsoft Data Access Components (MDAC)......Page 172 CVS Server Double-Free......Page 173 4.8 Further Reading......Page 174 Chapter 5 Integer Security......Page 176 Integer Representation......Page 177 Integer Types......Page 178 Integer Ranges......Page 182 Integer Promotions......Page 184 Integer Conversion Rank......Page 185 Conversions From Signed Integer Types......Page 186 Signed or Unsigned Characters......Page 187 Integer Overflow......Page 189 Sign Errors......Page 191 5.4 Integer Operations......Page 192 Addition......Page 194 Subtraction......Page 197 Multiplication......Page 199 Division......Page 202 Integer Overflow......Page 206 Sign Errors......Page 208 Truncation Errors......Page 209 5.6 Nonexceptional Integer Logic Errors......Page 211 5.7 Mitigation Strategies......Page 212 Range Checking......Page 213 Strong Typing......Page 214 Compiler Checks......Page 215 Safe Integer Operations......Page 216 Testing......Page 221 XDR Library......Page 222 Windows DirectX MIDI Library......Page 223 Bash......Page 224 5.9 Summary......Page 225 5.10 Further Reading......Page 226 Chapter 6 Formatted Output......Page 228 6.1 Variadic Functions......Page 229 ANSI C Standard Arguments......Page 230 6.2 Formatted Output Functions......Page 233 Format Strings......Page 234 GCC......Page 236 Visual C++ .NET......Page 237 6.3 Exploiting Formatted Output Functions......Page 238 Buffer Overflow......Page 239 Output Streams......Page 240 Viewing Stack Content......Page 241 Viewing Memory Content......Page 243 Overwriting Memory......Page 245 Internationalization......Page 249 6.4 Stack Randomization......Page 250 Thwarting Stack Randomization......Page 251 Direct Argument Access......Page 252 Dynamic Use of Static Content......Page 256 Restricting Bytes Written......Page 257 ISO/IEC TR 24731......Page 258 Testing......Page 259 Lexical Analysis......Page 261 Modifying the Variadic Function Implementation......Page 262 Exec Shield......Page 264 Libsafe......Page 265 Static Binary Analysis......Page 266 Washington University FTP Daemon......Page 267 6.7 Summary......Page 268 6.8 Further Reading......Page 270 7.1 Concurrency......Page 272 Mutual Exclusion and Deadlock......Page 273 7.2 Time of Check, Time of Use......Page 275 7.3 Files as Locks and File Locking......Page 277 7.4 File System Exploits......Page 279 Symbolic Linking Exploits......Page 280 Temporary File Open Exploits......Page 282 unlink() Race Exploit......Page 285 Nonunique Temp File Names......Page 286 Closing the Race Window......Page 287 Eliminating the Race Object......Page 291 Controlling Access to the Race Object......Page 294 Race Detection Tools......Page 296 7.7 Further Reading......Page 298 Chapter 8 Recommended Practices......Page 300 8.1 Secure Software Development Principles......Page 302 Complete Mediation......Page 303 Least Privilege......Page 304 Psychological Acceptability......Page 306 8.2 Systems Quality Requirements Engineering......Page 307 8.3 Threat Modeling......Page 308 8.4 Use/Misuse Cases......Page 309 8.5 Architecture and Design......Page 311 Vulnerabilities in Existing Code......Page 313 Secure Wrappers......Page 314 8.7 Compiler Checks......Page 315 8.8 Input Validation......Page 316 8.9 Data Sanitization......Page 317 Black Listing......Page 318 Testing......Page 319 8.10 Static Analysis......Page 320 Fortify......Page 321 Prevent......Page 322 8.11 Quality Assurance......Page 323 Fuzz Testing......Page 324 Developer Guidelines and Checklists......Page 325 Independent Security Review......Page 326 W^X......Page 327 Data Execution Prevention......Page 328 8.14 TSP-Secure......Page 329 Planning and Tracking......Page 330 Quality Management......Page 331 8.15 Summary......Page 332 8.16 Further Reading......Page 333 References......Page 334 Acronyms......Page 348 B......Page 354 D......Page 355 E......Page 356 F......Page 357 H......Page 358 L......Page 359 M......Page 360 R......Page 362 S......Page 363 U......Page 365 Z......Page 366 Commonly Exploited Software Vulnerabilities Are Usually Caused By Avoidable Software Defects. Having Analyzed Nearly 18,000 Vulnerability Reports Over The Past Ten Years, The Cert/coordination Center (cert/cc) Has Determined That A Relatively Small Number Of Root Causes Account For Most Of Them. This Book Identifies And Explains These Causes And Shows The Steps That Can Be Taken To Prevent Exploitation. Moreover, This Book Encourages Programmers To Adopt Security Best Practices And Develop A Security Mindset That Can Help Protect Software From Tomorrow's Attacks, Not Just Today's.--book Jacket. Ch. 1. Running With Scissors -- Ch. 2. Strings -- Ch. 3. Pointer Subterfuge -- Ch. 4. Dynamic Memory Management -- Ch. 5. Integer Security -- Ch. 6. Formatted Output -- Ch. 7. File I/o -- Ch. 8. Recommended Practices. Robert C. Seacord. A Cert Book--cover. Includes Bibliographical References (p. 309-322) And Index.
دانلود کتاب کدنویسی امن در C و C++ (سری SEI در مهندسی نرم‌افزار)