handmade.network » Forums » Code Security Auditing
Todd
107 posts

Code hacker/developer

#14656 Code Security Auditing
5 months, 4 weeks ago Edited by Todd on March 23, 2018, 1:32 a.m.

Do any of you folks who spend most of your time writing code in C or C++ specifically address security vulnerabilities in your code? What I mean by this is, do you actively audit your code, test, and check for buffer overflows, unsanitized user input, and other common security flaws? Does anyone have favorite resources which are essentially a checklist of what to look for? I've found a few myself and I was aware of most of them, but I figured I'd ask here because I know there are quite a few native devs here.

One of the benefits I seem to have discovered of spending most of my time writing native code these days is that most of these security problems are sorta built into my "peripheral vision", so to speak, while coding... Like for me, the second I start to write a "string" I'm already thinking about the null terminator... Likewise, when I write a for-loop I am paying close attention to the number of times it will execute vs. the number of times I need it to execute, etc... But I suppose one who is used to higher-level languages and then jumping into C occasionally may be more susceptible to opening up security holes in C.

Thanks.

I'm the smartest man in Athens because I know that I know nothing. ~ Socrates
mrmixer
Simon Anciaux
453 posts
#14775 Code Security Auditing
5 months, 3 weeks ago

If you're talking about security as in "if this software isn't secured, important data could be leaked" I don't know.

If you just want to be sure that your software behaves as you intended there are a few tools to help, but I don't have much experience with them:
- DrMemory
- Valgrind
- Static analyzer
--- Visual Studio: cl file.cpp -analyze
--- Clang: clang file.cpp --analyze
--- CppCheck
--- PVS studio (not free)
- Fuzzing

In Handmade Hero, Casey has some debug code (disabled most of the time) to check for buffer over/underflow: every allocation allocates an extra page of memory before (for underflow) or after (for overflow), and that page doesn't have write access. So if he were to write to those pages he would get an exception. I believe DrMemory and Valgrind can do that type of check but I'm not sure.
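To make the guard-page idea from the post above concrete, here is a small added example (constructed for this thread, not Casey's or Handmade Hero's code) of a debug allocator that maps one extra page with no access either before or after each buffer. It assumes a POSIX system with mmap/mprotect; the SIGSEGV/SIGBUS trap with sigsetjmp is only there so the program can report whether the fault was caught instead of dying, which is what you would actually want in a debug build. The struct name guarded_alloc and the helper functions are hypothetical names chosen for the example.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON   /* BSD/macOS spelling */
#endif

/* Constructed guard-page allocator (hypothetical helper, not Handmade Hero's
 * code). Every allocation gets one extra page mapped PROT_NONE, placed either
 * just before the buffer (catches underflow) or just after it (catches
 * overflow). Touching that page faults, so the bug is caught at the exact
 * instruction instead of silently corrupting a neighbour. */
typedef struct {
    void  *base;     /* start of the whole mapping, for munmap */
    size_t map_len;  /* data pages + one guard page */
    char  *user;     /* pointer handed to the caller */
    size_t user_len; /* bytes the caller asked for */
} guarded_alloc;

static int guarded_alloc_init(guarded_alloc *g, size_t n, int catch_underflow)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t data_len = (n + page - 1) / page * page;   /* round up to pages */
    g->map_len = data_len + page;
    g->base = mmap(NULL, g->map_len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (g->base == MAP_FAILED) return -1;
    g->user_len = n;
    if (catch_underflow) {
        /* [guard][data...]: buffer starts right after the guard page */
        if (mprotect(g->base, page, PROT_NONE) != 0) { munmap(g->base, g->map_len); return -1; }
        g->user = (char *)g->base + page;
    } else {
        /* [data...][guard]: buffer is right-aligned so byte n lands in the guard */
        if (mprotect((char *)g->base + data_len, page, PROT_NONE) != 0) { munmap(g->base, g->map_len); return -1; }
        g->user = (char *)g->base + data_len - n;
    }
    return 0;
}

static void guarded_free(guarded_alloc *g) { munmap(g->base, g->map_len); }

/* Fault trap: instead of letting the process die, catch the access violation
 * and jump back so the result can be checked. A real debug build would just
 * let it crash under the debugger. Both signals are trapped because some
 * systems report a protection fault as SIGBUS rather than SIGSEGV. */
static sigjmp_buf fault_jmp;

static void on_fault(int sig) { (void)sig; siglongjmp(fault_jmp, 1); }

/* Run fn(buf, n) with the trap armed; returns 1 if fn hit a guard page. */
static int probe(void (*fn)(char *, size_t), char *buf, size_t n)
{
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER;
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    int caught = 1;
    if (sigsetjmp(fault_jmp, 1) == 0) {
        fn(buf, n);
        caught = 0;
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return caught;
}

/* Three access patterns: correct, off-by-one past the end, one before start */
static void write_in_bounds(char *buf, size_t n)    { memset(buf, 'A', n); }
static void write_one_past_end(char *buf, size_t n) { volatile char *p = buf; p[n] = 'X'; }
static void write_one_before(char *buf, size_t n)   { volatile char *p = buf; (void)n; p[-1] = 'X'; }

/* Returns 1 when the in-bounds write passes and the off-by-one write is caught */
static int overflow_guard_works(void)
{
    guarded_alloc g;
    if (guarded_alloc_init(&g, 100, 0) != 0) return -1;
    int in_bounds_ok    = probe(write_in_bounds, g.user, g.user_len) == 0;
    int overflow_caught = probe(write_one_past_end, g.user, g.user_len) == 1;
    guarded_free(&g);
    return in_bounds_ok && overflow_caught;
}

static int underflow_guard_works(void)
{
    guarded_alloc g;
    if (guarded_alloc_init(&g, 100, 1) != 0) return -1;
    int in_bounds_ok     = probe(write_in_bounds, g.user, g.user_len) == 0;
    int underflow_caught = probe(write_one_before, g.user, g.user_len) == 1;
    guarded_free(&g);
    return in_bounds_ok && underflow_caught;
}

int main(void)
{
    printf("overflow guard:  %s\n", overflow_guard_works() == 1 ? "caught" : "MISSED");
    printf("underflow guard: %s\n", underflow_guard_works() == 1 ? "caught" : "MISSED");
    return 0;
}
```

Two things worth noticing when you build something like this: the guard only has page granularity, so in overflow mode the buffer is deliberately placed so that its last byte touches the guard (otherwise an off-by-one would land in the rounding slack and go unnoticed), and in underflow mode the same slack sits after the buffer, so one allocation catches one direction precisely. On Windows the equivalent is VirtualAlloc for the region plus VirtualProtect with PAGE_NOACCESS on the guard page.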
Todd
107 posts
#15393 Code Security Auditing
3 months, 3 weeks ago

Awesome, yes the second part is exactly what I meant. I am using a lot of those types of tools at work. There's some pretty advanced stuff out there like taint propagation tools as well which I love.
