C/C++ Secure Coding
Duration: 2 days
1 095 € (+ VAT 20%)
The minimum number of delegates for the course to take place is 6.
The training explains in detail the mechanisms underlying typical security-relevant C/C++ programming bugs – the common security vulnerabilities. The root causes of the problems are explained through a number of easy-to-understand source code examples, which at the same time make clear how to find and correct these problems in practice. The real strength of the course lies in its numerous hands-on exercises, which help the participants understand how easy it is for attackers to exploit these vulnerabilities.
The course also gives an overview of practical protection methods that can be applied at different levels (hardware components, the operating system, programming languages, the compiler, the source code or in production) to prevent the occurrence of the various bugs, to detect them during development and before market launch, or to prevent their exploitation during system operation. Through exercises specially tailored to these mitigation techniques, participants can learn how simple – and moreover cheap – it is to get rid of various security problems.
Common security vulnerabilities: Buffer Overflow (BOF), stack and heap overflow; array indexing problems, the Unicode bug; missing or improper input validation, integer problems, widthness bug, signedness bug, arithmetic overflow, Printf format string bug (PFS), Directory Traversal Vulnerability (DTV); improper use of security features, weak randomness, password management; error handling-related problems; race conditions, Time-of-Checking-to-Time-of-Usage (TOCTTOU) vulnerability, safe signal handling, and many more…
Mitigation techniques: Never eXecute (NX bit) access mode of Virtual Memory Management (VMM); Address Space Layout Randomization (ASLR) – PaX, ExecShield; Stack smashing protection (SSP), StackGuard, ProPolice.
Exercises: exploiting stack overflow – executing shellcode; applying protection techniques (stack smashing protection, non-executable stack and heap, ASLR); circumventing protections with NOP sledding, Return-to-libc attack, Return Oriented Programming (ROP); understanding integer problems; applying mitigation techniques; crafting a printf format attack string – write-what-where (WWW) possibilities; password management; problems of exception-based error handling; exploiting race conditions; and many spot-and-correct-the-bug exercises.
C/C++ developers, software architects and testers
IT security and secure coding
- General security vs. IT security
- IT security related terms
- Definition of risk
- Specialty of information technology security
- Different aspects of IT security
- Requirements of different application areas
- IT security vs. secure coding
- From vulnerabilities to botnets and cyber crime
- Classification of security flaws
Security-relevant C/C++ programming bugs and flaws
- Exploitable security flaws
- Protection principles
- x86 machine code, memory layout, stack operations
- Buffer overflow
- Stack overflow
- Protection against stack overflow
- Stack smashing protection variants
- Address Space Layout Randomization (ASLR)
- Non-executable memory areas – the NX bit
- Return-to-libc attack – circumventing the NX bit
- Heap overflow
- Protection against heap overflow
- Input validation concepts
- Integer problems in C/C++
- Integer problem mitigation
- Printf format string bug
- Mitigation of printf format string problem
- Some other common input validation problems
Improper use of security features
- Problems related to the use of security features
- Insecure randomness
- Weak PRNGs
- Stronger PRNGs
- Using random numbers – spot the bug!
- Exercise – Google cracking
- Password management and storage
- Special purpose hash algorithms for password storage
- Some other usual password management problems
Improper error and exception handling
- Typical problems with error and exception handling
- Empty catch block
- Overly broad throws
- Overly broad catch
- Exercise ErrorHandling – spot the bug!
Time and state problems
- Time and state related problems
- Serialization errors (TOCTTOU)
- Exercise TOCTTOU
- Race condition in signal handling
Code quality problems
- Dangers arising from poor code quality
- Poor code quality – spot the bug!
- Unreleased resources
- Type mismatch – Spot the bug!
- Exercise TypeMismatch
- Mixing delete and delete[]
Advice and principles
- Matt Bishop’s principles of robust programming
- The security principles of Saltzer and Schroeder
- Secure coding sources – a starter kit
- Vulnerability databases
- Recommended books – C/C++
Included in the training price:
- training materials;
- hot drinks, sweets and fruits available all the time;
- lunch on each training day;
- free parking.