The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities

Index

C programming language

     arithmetic boundary conditions

     binary encoding

     bit fields

     bitwise shift operators

     byte order

     character types

     data storage

     floating types

     format strings

     function invocations

     implementation defined behavior

     integer types

     macros

     numeric wrapping

     objects

     operands, order of evaluation

     operators

         right shift

         size

     pointers

         arithmetic

          vulnerabilities

     precedence

     preprocessor

     security

     signed integers, boundaries

     standards

     stdio file interface

     string handling

     structure padding

     switch statements

     type conversions

         assignment operators

         comparisons

         conversion rules

         default type conversions

         explicit type conversions

         floating point types

         function prototypes

         implicit type conversions

         integer promotions

         narrowing

         sign extensions

         simple conversions

         typecasts

         usual arithmetic conversions

         value preservation

          vulnerabilities

         widening

     types

     typos

     unary + operator

     unary operator

     unary operator

     undefined behavior

     unsigned integers, boundaries

C Programming Language, The

C Rationale document

C++ programming language, EH (exception handling)

Cache-Control header field (HTTP)

calling conventions, functions

canary values

candidate points

canonicalization, files, Windows NT

capabilities, Linux

carry flags (CFs)

CAS (code access security)

case sensitivity, Windows NT filenames

CBC (cipher block chaining) mode cipher

CC (code comprehension) strategies, code audits

     algorithm analysis

     black box hit traces

     class analysis

     module analysis

     object analysis

     trace malicious input

CER (Canonical Encoding Rules), ASN.1 (Abstract Syntax Notation)

Certificate Payload Integer Underflow in CheckPoint ISAKMP listing (16-2)

certificate payloads, ISAKMP (Internet Security Association and Key Management Protocol)

certificate request payloads, ISAKMP (Internet Security Association and Key Management Protocol)

CFML (ColdFusion Markup Language)

CFs (carry flags)

CGI (Common Gateway Interface)

     environment variables

     indexed queries

chain of trust relationships

Challenge-Response Integer Overflow Example in OpenSSH 3.1 listing (6-3)

change monitoring

Character Black-List Filter listing (8-22)

character equivalence, Unicode

Character Expansion Buffer Overflow listing (8-4)

character expansion, text strings

character sets

character stripping vulnerabilities, metacharacters, filtering

character types, C programming language

Character White-List Filter listing (8-23)

Charge-To header field (HTTP)

checked build application access

checkForAnotherInstance( ) function

checksum, IP (Internet Protocol)

child processes, UNIX processes

chroot jails

cipher block chaining (CBC) mode cipher

circular linked lists

clarity, software design

Clarke, Arthur C.

class diagrams, UML (Unified Markup Language)

classes

     analyzing, CC (code comprehension)

     IP addresses

     vulnerabilities

          design vulnerabilities

          implementation vulnerabilities

          operational vulnerabilities

     vulnerabilities

cleanup( ) function

cleanup_exit( ) function

Cleaton, Nick

client IP addresses, maintaining state with

client tier (Web applications)

clients

     client control

     pipe squatting

     visibility

close( ) function

close-on-exec file descriptor, UNIX

CloseHandle( ) function

closing

     files, stdio file system

     TCP connections

Clowes, Shaun

CLR (Common Language Runtime)

CLSIDs, mapping to applications, COM (Component Object Model)

code

     auditing

         binary navigation tools

         CC (code comprehension) strategies

          CP (candidate point) strategies

         debuggers

          dependency analysis

         desk checking

          DG (design generalization) strategies

         fuzz testing tools

         internal flow analysis

         OpenSSH case study

         rereading code

         running code

         scorecard

         SDLC (Systems Development Life Cycle)

         source code navigators

          subsystem analysis

         test cases

     memory, finding in

     reuse

     source code, profiling

     typos, C programming language

code access security (CAS) [See CAS (code access security).]

code navigation

     external flow sensitivity

     tracing

code page assumptions, Unicode

Code Page Mismatch Example listing (8-31)

code paths

code review

     application review phase

         bottom-up approach

         hybrid approach

         iterative process

         peer reviews

         planning

         reevaluation

         status checks

         top-down approach

         working papers

     code auditing

         binary navigation tools

         CC (code comprehension) strategies

          CP (candidate point) strategies

         debuggers

          dependency analysis

         desk checking

          DG (design generalization) strategies

         fuzz testing tools

         internal flow analysis

         OpenSSH case study

         rereading code

         scorecard

         source code navigators

          subsystem analysis

         test cases

     code navigation

         external flow sensitivity

         tracing

     documentation and analysis phase

         findings summary

     preassessment phase

         application access

         information collection

         scoping

     process outline

     remediation support phase

Code Surfer

code-auditing situations

CoInitializeEx( ) function

ColdFusion

ColdFusion Markup Language (CFML)

ColdFusion MX

collecttimeout( ) function

collisions, Windows NT object namespaces

COM (Component Object Model), Windows NT

     access controls

     ActiveX security

     application audits

     application identity

     application registration

     ATL (Active Template Library)

     automation objects

     CLSID mapping

     components

     DCOM Configuration utility

     impersonation

     interface audits

     interfaces

     IPC (interprocess communications)

     MIDL (Microsoft Interface Definition Language)

     OLE (Object Linking and Embedding)

     proxies

     stubs

     subsystem access permissions

     threading

     type libraries

COMbust tool

Common Gateway Interface [See CGI (Common Gateway Interface).]

Common Language Runtime (CLR)

common real types

Communications of the ACM

Comparison Vulnerability Example listing (6-20)

comparisons, type conversions, C programming language

compensating controls, operational vulnerabilities

component diagrams, UML (Unified Markup Language)

Component Object Model (COM) [See COM (Component Object Model).]

Computer Security: Art and Science

concurrent programming

     APCs (asynchronous procedure calls)

     deadlocks

     multithreaded programs

     process synchronization

         interprocess synchronization

         lock matching

         synchronization object scoreboard

         System V synchronization

         Windows NT synchronization

     race conditions

     reentrancy

     repetition

     shared memory segments

     signals

          asynchronous-safe function

         default actions

         handling

          interruptions

         jump locations

          non-returning signal handlers

         sending

         signal handler scoreboard

         signal masks

          vulnerabilities

     starvation

     threads

         deadlocks

         PThreads API

         race conditions

         starvation

         Windows API

condition variables, PThreads API

conditions, ACC logs, unanticipated conditions

confidentiality

     encryption

         algorithms

         block ciphers

          common vulnerabilities

         exchange algorithms

         IV (initialization vector)

         stream ciphers

     expectations of

configuration files

     OpenSSH

     UNIX

configuration settings

     ASP

     ASP.NET

     Java servlets

     PHP

CONNECT method

Connection header field (HTTP)

connection points, objects

connections

     RPCs (Remote Procedure Calls)

     TCP (Transmission Control Protocol)

         blind connection spoofing

         connection tampering

         establishing

         fabrication

         flags

         resetting

         states

ConnectNamedPipe( ) function

constraint establishment, test cases, code audits

Content-Encoding header field (HTTP)

Content-Language header field (HTTP)

Content-Length header field (HTTP)

Content-Location header field (HTTP)

Content-MD5 header field (HTTP)

Content-Range header field (HTTP)

Content-Transfer-Encoding header field (HTTP)

Content-Type header field (HTTP)

CONTENT_LENGTH (environment variable)

CONTENT_TYPE (environment variable)

context handles, RPCs (Remote Procedure Calls)

contexts, Windows NT sessions, access tokens

control flow, auditing

     flow transfer statements

     looping constructs

     switch statements

control-flow sensitive code navigation

Controller component (MVC)

controlling terminals, UNIX

conversion rules, type conversions, C programming language

ConvertSidToStringSid( ) function

ConvertStringSidToSid( ) function

cookies

     stack cookies

COPY method

core files

CoRegisterClassObject( ) function

Correct Use of GetFullPathName( ) listing (8-13)

corruption (memory)

     buffer overflows

         global overflows

         heap overflows

         off-by-one errors

         process memory layout

          SEH (structured exception handling) attacks

         stack overflows

         static overflows

     protection mechanisms

         ASLR (address space layout randomization)

         assessing

         function pointer obfuscation

         heap hardening

         nonexecutable stack

         SafeSEH

         stack cookies

     shellcode

Cost header field (HTTP)

counter (CTR) mode cipher

CP (candidate point), code audits

     application-specific CPs

     automated source analysis tools

     black box generated CPs

     general approach

     simple binary CPs

     simple lexical CPs

crackaddr( ) function

CRC (cyclic redundancy check) routines

Create*( ) functions

CreateEvent( ) function

CreateFile( ) function

CreateHardLink( ) function

CreateMutex( ) function

CreateNamedPipe( ) function

CreateNewKey( ) function

CreatePrivateNamespace( ) function

CreateProcess( ) function

CreateRestrictedToken( ) function

CreateSemaphore( ) function

CreateWaitableTimer( ) function

credentials, authorization, untrustworthy credentials

critical sections, Windows API

cross-site scripting

     ASP

     ASP.NET

     Java servlets

     Perl

     PHP

     XSS

cryogenic sleep attacks

crypto subsystem, SSH server, code audits

CRYPTO_realloc_clean( ) function

cryptographic hash functions

cryptographic signatures

cryptography

     cryptographic data integrity

         cryptographic signatures

         hash functions

         originator validation

         salt values

     encryption

         algorithms

         block ciphers

          common vulnerabilities

         exchange algorithms

         IV (initialization vector)

         stream ciphers

Cscope source code navigator

Ctags source code navigator

CTR (counter) mode cipher

Cutler, David

cyclic redundancy check (CRC) routines