



Safe Data Structure


Classification Key: Core Security, Tampering

Problem

Buffer overflow is a security threat that stems from bad programming practice. A C string is a bare array of characters with a terminating NUL; it carries neither its own length nor the size of the memory that holds it, so every routine that writes into it has to trust the caller to have sized the buffer correctly. If every string-handling routine checked the allocated memory and validated the length of its input beforehand, buffer overflows would not occur. In practice, routines are not written to be safe in this way. How can string routines be made safe from buffer overflow attacks?

Solution

Represent strings with a data structure that carries both the length of the string and the amount of memory allocated for it. Every string routine then checks the length it is about to produce against the memory available, growing the buffer or failing cleanly, before it writes a single byte. Because the length and capacity travel with the string, no routine has to trust the caller.

Known Uses

The string library rewritten in qmail: the stralloc data type.

    typedef struct stralloc {
      char *s;           // pointer to the string, or 0 if unallocated
      unsigned int len;  // number of bytes in the string
      unsigned int a;    // count of allocated bytes in the string
    } stralloc;
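The example below illustrates the solution and the stralloc known use together. It is added here and is not qmail's code: the type and the sstr_* functions are this example's own names, modelled on stralloc but using size_t rather than unsigned int for the counters. Every write path checks the length sum and the capacity before touching memory, and a request that cannot be satisfied leaves the string exactly as it was.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not qmail's code: a string that carries its own length and
 * capacity, in the style of stralloc. Names (sstr, sstr_*) are this example's. */
typedef struct {
    char  *s;    /* buffer, or NULL while unallocated */
    size_t len;  /* bytes in use (a terminating NUL is not counted) */
    size_t a;    /* bytes allocated */
} sstr;

#define SSTR_INIT { NULL, 0, 0 }

/* Ensure capacity for at least n bytes. Returns 1 on success, 0 on failure;
 * on failure nothing has been touched, so the caller can bail out cleanly. */
int sstr_ready(sstr *x, size_t n)
{
    if (x->s && x->a >= n) return 1;
    size_t want = n + (n >> 3) + 30;       /* grow with some headroom */
    if (want < n) return 0;                /* size arithmetic wrapped around */
    char *p = realloc(x->s, want);
    if (!p) return 0;
    x->s = p;
    x->a = want;
    return 1;
}

/* Append n bytes from buf. The length sum and the capacity are both checked
 * before a single byte is written; a bad request leaves x unchanged. */
int sstr_catb(sstr *x, const char *buf, size_t n)
{
    if (n > SIZE_MAX - x->len) return 0;   /* len + n would overflow */
    if (!sstr_ready(x, x->len + n)) return 0;
    memcpy(x->s + x->len, buf, n);
    x->len += n;
    return 1;
}

/* Append a C string; its terminator is not copied. */
int sstr_cats(sstr *x, const char *cstr)
{
    return sstr_catb(x, cstr, strlen(cstr));
}

/* Replace the contents with n bytes from buf. */
int sstr_copyb(sstr *x, const char *buf, size_t n)
{
    if (!sstr_ready(x, n)) return 0;
    memcpy(x->s, buf, n);
    x->len = n;
    return 1;
}

/* Write a NUL after the last byte so x->s can be handed to C APIs that expect
 * one. len is unchanged, so a later append simply overwrites the NUL. */
int sstr_0(sstr *x)
{
    if (x->len == SIZE_MAX || !sstr_ready(x, x->len + 1)) return 0;
    x->s[x->len] = '\0';
    return 1;
}

void sstr_free(sstr *x)
{
    free(x->s);
    x->s = NULL;
    x->len = x->a = 0;
}

/* Demo 1: build a string of arbitrary size by repeated appends. With a fixed
 * char buf[N] this loop is exactly where the overflow would happen.
 * Returns the final length, or -1 on failure. */
long demo_build(size_t rounds)
{
    sstr x = SSTR_INIT;
    for (size_t i = 0; i < rounds; i++)
        if (!sstr_cats(&x, "ABCD")) { sstr_free(&x); return -1; }
    if (!sstr_0(&x) || strlen(x.s) != x.len) { sstr_free(&x); return -1; }
    long n = (long)x.len;
    sstr_free(&x);
    return n;
}

/* Demo 2: a length that cannot be satisfied (think of an attacker-chosen length
 * field read off the wire) is refused before any copy, and x is left intact.
 * Returns 1 if the request was rejected and the existing 6 bytes survived. */
int demo_reject_huge(void)
{
    sstr x = SSTR_INIT;
    if (!sstr_cats(&x, "prefix")) return 0;
    int rejected = !sstr_catb(&x, "", SIZE_MAX) && x.len == 6;
    sstr_free(&x);
    return rejected;
}
```

Two points worth noting for anyone adopting the pattern. First, the overflow check in sstr_catb is on the length arithmetic itself, not just on the capacity: with 32-bit counters (as in stralloc's unsigned int fields) a large len plus a large n can wrap to a small number and pass a naive capacity test. Second, the structure does not keep a NUL terminator, so every hand-off to a classic C API must go through sstr_0, which is the same discipline qmail imposes with stralloc_0.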

Source

Hafiz et al.

Tags

Buffer Overflow


 

Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz