The most common security issues currently is buffer overflow. This special security problem caused by viral infection may be more than the sum of the number of viral infections caused by other reasons. Almost every application and operating system on the market have a buffer overflow vulnerability that hacks may utilize. This problem is so serious for Microsoft Windows, so that Microsoft uses a completely different solution in the new version of the product (such as Windows XP Service Pack 2). The purpose of this article is to help you understand the buffer overflowing more clearly, and provide several techniques for reducing (or eliminating) Visual C application buffers overflow problems.
navigation:
What is a buffer overflow?
The buffer overflow proofs a point of view: unless you look at the user with your application interaction, you don't know what kind of data will be entered to the application.
Verify the scope of data
Most of the data provided by programming languages reflects the actual situation of the lower hardware, not the needs of the real world. For example, when you define a value as int32 in your code, it means that the value of the user input should be between -2, 147, 483, 648 to 2, 147, 483, 647.
Verify the length of the data
Some data types are not easy to perform quick check. For example, a string can contain any number of characters, with a maximum of only a .NET framework component, and a machine limit. Of course, few people really need such a long string. Usually developers require strings with a minimum and maximum length range.
Exclude illegal characters
Hackers often contain some additional illegal characters in the input information to understand what happens. For example, hackers usually create scripts by adding specific characters. In many cases, the system will perform scripts without any warning, giving a hacker access system.
Provide advanced user help
Many developers can not link help with good security, but good help can indeed reduce users' mistakes to improve security.
What is the buffer overflow buffer overflow proof a view: unless you look at the user with your application interaction, you don't know what kind of data will be entered to the application. These attacks depend on some strange ideas: the input information provided by hackers may exceed the length of the buffer, and the additional (exceeding buffer length) information covers memory other than buffer control. In some cases, these memory actually saves executable information (HEAP Memory Overrun, flooding), so that the application does not run the original executable code, but to run hackers; in other cases, The hacker covers the application's stack page (STACK MEMORY OVERRUN, the stack storage flooding). Some hackers are even analyzing your code and find the location to store flooding or stack storage. But in some cases, when hackers are trying to enter some information to a field, this utilization may be discovered when viewing what happens. For example, hackers may try to enter a simple code to see if your application will execute it. Regardless of how the hacker finds a vulnerability, its result is the same: your app lost control of the hacker code - hacker can now enjoy the power that once is your application can enjoy. Many developers believe that hackers will use some secret channels to use the procedures they have established, but many methods are very simple - allowing the operating system to display a behavior such as a command prompt in some cases to get control . If the system's security is slightly loose, hackers can get the control of the server. At least, the command prompt allows the hacker to detect the condition of the system, use other ways to get more access rights. The hacker does not need to get the control of the system when you try. What they need is to get the control of cumulative bits. Obviously, if you want to ensure that the application is from damage to the buffer, you must provide some protection measures for the application. The best way to control buffer is to check all input information received, even if this information comes from trusted sources. This article considers four basic inspections that each program should perform: check the scope, verify the data length, exclude illegal characters, provide users with sufficient help to ensure good input. Most of the data scope provided by the scope programming language of data reflects the actual situation of the lower hardware, not the needs of the real world. For example, when you define a value as int32 in your code, it means that the value of the user input should be between -2, 147, 483, 648 to 2, 147, 483, 647. This number is dependent on hardware conditions, and the computer uses 31-bit storage data, 1 bits store symbol (2 ^ 31 = 2, 147, 483, 648). However, your app may not identify an acceptable range. When hardware requirements are inconsistent with the real demand for the application, you must include a specific code in the application to check potential error conditions. You may wish to accept 1 to 40,000 numbers in the code, which exceeds the value range of INT16, but in the range of INT32. Listing 1 shows examples of such checks. List 1. Check data range errors
System :: void btndatarate_click (System :: Object * e) {INT32 TESTARGS * E) {INT32 TestData; // Keep input value try {// Never try to analyze data TestData = int32 :: parse (txtinput1-> TEXT);} catch (system :: overflowexception * oe) {// overflow error handling Messagebox :: Show (S "Type a value between 1 and 40,000.", S "Input Error", MessageBoxButtons :: OK, MessageBoxicon :: Error);} catch (system :: formatexception * fE) {// overflow error Processing MessageBox :: Show (S "Type The Number without extra charatrs." INPUT ERROR ", MessageboxButtons :: OK, MessageBoxicon: : Error); Return;} // Test specific data range IF (TestData <1 | TestData> 40000) // Overflow Error Processing MessageBox :: Show (S "TYPE A Value Between 1 and 40,000.", S "Input Error ", MessageBoxButtons :: OK, MessageBoxicon :: Error);} Please note that this code first uses the PARSE () method to convert the input information into an int32 type. This simple conversion can be positioned for many input issues. In this example, the code uses System :: OverflowException is too large or too small, using the System :: Formatexception exception check value is correct. After the code ensures that the input information is a reasonable INT32 value, then check the actual input range. The value of the data type is the easiest to check because they have a specific range. The value is different from the object, which does not hide the elements, so that developers are surprisingly placed. In general, all transactions used to verify value data types are defined in the code, and then check the values. When we use objects, the issue of data validation will appear. For example, you want users to use one of several strings as input information, then use the list box to reduce the user's input selection is helpful. When the user faces only the list box with only several options, they are impossible to enter invalid information (such as scripts). Sometimes you have to design a unique solution for problems. For example, how do you make sure that a particular method receives the number of fixed, range discontinuous input information? In this case enumeration (Enumeration) may save time. Listing 2 shows how to change the enumeration in the code to automated data range. Class Sheet 2: Use enumeration check data, please note that DISPLAYSTRING () declares requires an input message (parameter) of a SomeStrings enumeration type. The caller cannot use any other input type, which means that the DisplayString () method is automatically protected. For example, you can't use a script as input information because it is not the correct type. Verify that the length of the data is not easy to perform a quick check. For example, a string can contain any number of characters, with a maximum of only a .NET framework component, and a machine limit. Of course, few people really need such a long string.
Usually developers require strings with a minimum and maximum length range. Therefore, you don't need to verify that the received is a string, just verify that its length is correct. Otherwise, others may send any length of strings, which will cause the buffer flooding. Listing 3 shows an example of preventing problems by verifying data lengths of each parameter. Listing 3: Verify the length of the data
System :: Boolean ProcessData (String * Input, Int32 UpperLimit, Int32 LowerLimit) {StringBuilder * ErrorMsg; // // error checking input information error if (UpperLimit
Note that this part of code produces system :: argumentException exception instead of universal exceptions. Although specific abnormal performance is better, most developers are still universal anomalies. If the .NET Framework component does not provide specific exceptions for your code requirements, you should establish a customized exception. The code will then verify the string. If the number of characters of the string is too much or too small, the code generates System :: Security :: SecurityException. The use of safety here is correct, because such an event will lead to unusual security. Users may decide to enter a long string to create a condition of buffer overflow. Even if the user just makes a mistake, you causing this security anode means that you can at least verify this unusual cause, not simply jump. The test code for this example is in the btndatalength_click () method. This code is executed in the Try ... catch code block to ensure that exceptions will be captured. The real check is just a simple if statement. This code contains a Catch statement for each exception. If you want to make sure that the application takes note of any security exception and processes properly, the capture exception is important. Excluding illegal characters hackers often contain some additional illegal characters in the input information to understand what happens. For example, hackers usually create scripts by adding specific characters. In many cases, the system will perform scripts without any warning, giving a hacker access system. For this way of utilization, the web application is more affected by desktop applications, but you must be protected. Fortunately, .NET framework assembly provides a strong qualified expression (Regular Expression). A qualified expression defines an acceptable string input, so you can easily detect illegal characters. Listing 4 shows a method using a qualified expression. Listing 4: The regex object is included using the qualified expression code. In this case, the only entered input is a letter (even if it cannot contain spaces). Pass bypass bypass a lot of input information. In fact, a lot of default templates are defined in many verification supports provided by the ASP.NET application. Its point is that you can create a string that defines acceptable input information that contains an input style (such as a phone number). Regex objects can perform a lot of comparison operations. In the example it uses the Matches () method to compare the length of the string and the number of the reference. When these two numbers match, the input information is correct. Otherwise, the input information contains illegal characters, and the checkchars () method will lead to an exception. Providing advanced users help many developers can not link help with good security, but good help can indeed reduce user mistakes to improve security. For example, a good help file can prevent certain types of users from entering error messages by displacing the information you want to receive. Reduce the input error allows us to completely analyze the remaining error messages and ultimately reduce the security risks that are incorrect. Help can come from all forms, including useful error messages. Some data types will make some special challenges, and your application must handle these issues to ensure data integrity and security. For example, the date is a data input entry that often problems. First, you must consider the format of the date. Users may enter 1 June 2003, 06/01 / 2003, June 1, 2003, 2003/06 / 01 or other acceptable variables. You should constrain your own app, only one date format is allowed to check the validity of date information. But the error message and help file can tell the user which format that must be used so that users will not be frustrated when entering an effective date using the error format (because there is a help reminder format). No matter what you do, there are still some users try to abuse the system. They may use the wrong format to enter the date, even if the input does not contain information.
