May 26, 2015
With application development requiring a growing multitude of specialised programming languages and development frameworks, role-specific developer security training is more important than ever. In particular, C and C++ developers play a huge role in application development – but these languages bring with them their own unique set of security concerns and potential vulnerabilities. To help your developers improve the security of their code, and to reinforce the benefits of rolling out a developer security training program, we’re looking at some of the most common (and serious) security threats posed by C/C++ development.
1) Buffer Overflows
A buffer overflow occurs when a user or process submits more data than an application was designed to support, resulting in unexpected modifications to the system’s memory. The excess data overflows into adjacent buffers, either corrupting or overwriting the existing data held within.
In some instances, this allows an attacker to write code directly into the memory. If this code is designed to trigger a specific action, a buffer overflow attack can be used to erase user data or disclose confidential information.
Buffer overflow attacks are one of the most common causes of data breaches and security vulnerabilities. As C and C++ provide no form of in-built protection against accessing and overwriting data, it’s essential for C/C++ developers to be aware of the threats posed by buffer overflow, and ensure that the string buffer arguments are checked for length and character validity (known as white list checking).
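The length and character-validity check described above, as an added example in C that is not code from the original article. The function names, result codes and the permitted character set are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Result codes (names are hypothetical, chosen for this example). */
enum copy_result { COPY_OK, COPY_TOO_LONG, COPY_BAD_CHAR, COPY_BAD_ARG };

/* Allow list: ASCII letters, digits, '_' and '-'. Spelled out by hand so the
 * result does not change with the locale, as isalnum() can. */
static int is_allowed(unsigned char c)
{
    return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
           (c >= '0' && c <= '9') || c == '_' || c == '-';
}

/* Unchecked form, for contrast only: strcpy() writes until it reaches the
 * NUL in src, whatever the size of dst. Never called in this example. */
void copy_unchecked(char *dst, const char *src)
{
    strcpy(dst, src);
}

/* Checked form: dst_size is the full size of dst in bytes. Every byte of src
 * is validated before anything is written, so dst is untouched on failure. */
enum copy_result copy_checked(char *dst, size_t dst_size, const char *src)
{
    size_t len;
    if (dst == NULL || src == NULL || dst_size == 0)
        return COPY_BAD_ARG;
    for (len = 0; src[len] != '\0'; len++) {
        if (len + 1 >= dst_size)
            return COPY_TOO_LONG;  /* no room for this byte plus the NUL */
        if (!is_allowed((unsigned char)src[len]))
            return COPY_BAD_CHAR;  /* not on the allow list */
    }
    memcpy(dst, src, len + 1);     /* len + 1 <= dst_size holds here */
    return COPY_OK;
}

int main(void)
{
    /* Constructed sample inputs for an 8-byte buffer. */
    const char *samples[] = { "alice", "abcdefg", "abcdefgh", "bob;rm" };
    char name[8];
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-10s -> %d\n", samples[i],
               (int)copy_checked(name, sizeof name, samples[i]));
    return 0;
}
```

Rejecting the input outright, rather than truncating it to fit, keeps a shortened value from being mistaken for a different valid one later in the program.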
2) Arc Injection
Whilst many buffer overflow attacks rely on injecting new code into an application, arc injection attacks (also referred to as return-to-libc) transfer control to code that already exists in the process memory.
This allows for more complex attacks, making it possible for a malicious third-party to invoke multiple functions in sequence with their own supplied arguments – effectively running their own small program of chained functions. In addition to increasing the severity of the attack, this method also leaves a much smaller footprint, making it harder to detect and counteract the attack.
3) Memory Leaks
Despite being primarily a performance issue, memory leaks have the potential to introduce security vulnerabilities – especially as C and C++ have no in-built garbage collection services.
If a memory leak occurs in a user-land application, or a kernel-land process, it can quickly cause severe system stability issues. These memory leaks can cause the system to act in an unexpected way, and if the application isn’t able to function properly in the altered environment, it may become vulnerable to attack.
4) SQL Injection
Any language that interacts with a database server using SQL is potentially vulnerable to SQL injection. If user input is used to inject SQL into your application, C++ statements can send an SQL query to the database server, and then display the information the server sends back. This can be used to delete customer data, grant unrestricted database privileges to attackers or siphon off sensitive information.
The best practices for preventing SQL injection in C/C++ are the same as in other coding languages:
- Sanitise all user input.
- Use parameterised queries.
- Use the Least Privilege principle.
5) Double Free Attacks
Particular implementations of memory allocation can cause an application to become susceptible to double free attacks. This vulnerability occurs when free is called on a pointer that’s already been freed, before the pointer has been re-initialised with a new memory address. To minimise the risks of this happening, it’s a good idea to set pointers to NULL once they’ve been freed, and ensure that your code frees only valid blocks of memory.