----------------
find.c:610: recvfrom
Check to make sure malicious input can have no ill effect.
Carefully check all inputs.
----------------
Gray Hat Hacking: The Ethical Hacker's Handbook
To locate vulnerabilities, you will need to determine which types of input, if any, result
in user-supplied data being manipulated in an insecure fashion. First, you will need to
identify the locations at which the program accepts data. Second, you will need to determine
if there is an execution path that will pass the user data to a vulnerable portion of
code. In tracing through these execution paths, you need to note the conditions that are
required in order to influence the path of execution in the direction of the vulnerable
code. In many cases, these paths are based on conditional tests performed against the user
data. To have any hope of the data reaching the vulnerable code, the data will need to be
formatted in such a way that it successfully passes all conditional tests between the input
point and the vulnerable code. In a simple example, a web server might be found to be
vulnerable when a GET request is performed for a particular URL, while a POST request for
the same URL is not vulnerable. This can easily happen if GET requests are farmed out to
one section of code (that contains a vulnerability) and POST requests are handled by a different
section of code that may be secure.
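As an added illustration (not code from the book), the C sketch below models the GET/POST split described above so a reviewer can see the conditional tests that sit between the input point and each handler, and where the bound check belongs. The names dispatch, handle_get, handle_post and URL_MAX are hypothetical, and the unchecked copy appears only as a comment beside its hardened form.

```c
#include <stdio.h>
#include <string.h>

#define URL_MAX 64   /* constructed buffer size for this example */
enum { REJECTED = -1, HANDLED_GET = 1, HANDLED_POST = 2 };

/* GET path: the fixed-size copy is the sink a reviewer traces toward.
 * Unchecked form a source audit would flag:  strcpy(url, path);
 * Hardened form below: test the length before copying. */
static int handle_get(const char *path) {
    char url[URL_MAX];
    size_t n = strlen(path);
    if (n >= sizeof url)              /* the check the flawed version lacks */
        return REJECTED;
    memcpy(url, path, n + 1);
    return HANDLED_GET;
}

/* POST path: separate code with its own bounded copy and truncation test. */
static int handle_post(const char *path) {
    char url[URL_MAX];
    int n = snprintf(url, sizeof url, "%s", path);
    if (n < 0 || (size_t)n >= sizeof url)
        return REJECTED;
    return HANDLED_POST;
}

/* Conditional tests the data must pass between input and either handler. */
int dispatch(const char *request) {
    char method[8];
    const char *sp = strchr(request, ' ');
    if (sp == NULL || (size_t)(sp - request) >= sizeof method)
        return REJECTED;              /* test 1: short method token present */
    memcpy(method, request, (size_t)(sp - request));
    method[sp - request] = '\0';
    const char *path = sp + 1;
    if (path[0] != '/')
        return REJECTED;              /* test 2: path must start with '/' */
    if (strcmp(method, "GET") == 0)
        return handle_get(path);      /* path A: GET code */
    if (strcmp(method, "POST") == 0)
        return handle_post(path);     /* path B: POST code */
    return REJECTED;                  /* test 3: any other method */
}

int main(void) {
    printf("%d %d\n", dispatch("GET /index.html"), dispatch("POST /index.html"));
    return 0;
}
```

When auditing, list each test in dispatch as a precondition for the handler it guards; an input that fails any of them never reaches the copy, so a missing bound check matters only on paths those preconditions allow.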