In practice this requires more than superficial acquaintance
with the source code and remains the primary reason the majority of users of open
source software do not contribute to its development. It takes a significant amount of
time to become familiar with the architecture of any software system, especially one in
which you have not been involved from the start.
What to Patch
Clearly, we are interested in patching the root cause of the vulnerability without introducing
any additional vulnerabilities. Securing software involves more than just replacing
insecure functions with their more secure counterparts. For example, the common
replacement for strcpy(), namely strncpy(), has its own problems that far too few people are
aware of.
Gray Hat Hacking: The Ethical Hacker's Handbook, Part IV, Chapter 19: Closing the Holes: Mitigation
NOTE The strncpy() function takes as parameters source and destination
buffers and a maximum number, n, of characters to copy. It does not guarantee
null termination of its destination buffer. In cases where the source buffer
contains n or more characters, no null-termination character will be copied
into the destination buffer.
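The following is an added example, not code from the book, that makes the NOTE concrete. The first function poisons a destination buffer, runs the raw strncpy() pattern, and reports whether a NUL actually landed inside the buffer; the second is a replacement (written for this example, not a standard library routine) that always terminates, never writes past the stated size, and returns the full source length so the caller can detect truncation instead of silently accepting a clipped value. Buffer size and sample strings are constructed for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* The pattern the NOTE warns about: strncpy(dst, src, n).
 * Fills dst with 'X' first so we can see exactly what strncpy leaves behind,
 * then reports whether dst[0..n-1] contains a NUL terminator afterwards.
 * When strlen(src) >= n, strncpy copies n non-NUL bytes and stops: no
 * terminator is written, and any later strlen()/printf("%s") on dst reads
 * past the buffer. When strlen(src) < n, strncpy pads the rest with NULs. */
bool strncpy_is_terminated(char *dst, size_t n, const char *src)
{
    memset(dst, 'X', n);            /* poison: every byte is a visible non-NUL */
    strncpy(dst, src, n);
    return memchr(dst, '\0', n) != NULL;
}

/* Hardened copy (example helper, not a libc function).
 * - never writes more than n bytes into dst
 * - always leaves dst NUL-terminated when n > 0
 * - returns strlen(src); a return value >= n means the copy was truncated,
 *   the same convention snprintf() uses, so the caller can reject or log it
 *   rather than proceeding with a silently shortened string. */
size_t safe_copy(char *dst, size_t n, const char *src)
{
    size_t len = strlen(src);
    if (n == 0)
        return len;                 /* nothing we can write, but still report size */
    size_t to_copy = (len < n - 1) ? len : n - 1;
    memcpy(dst, src, to_copy);
    dst[to_copy] = '\0';            /* unconditional terminator */
    return len;
}

int main(void)
{
    char buf[8];                    /* constructed: a small fixed-size destination */

    /* Source shorter than the buffer: strncpy pads with NULs, so it is safe. */
    printf("\"short\"        terminated: %s\n",
           strncpy_is_terminated(buf, sizeof buf, "short") ? "yes" : "NO");

    /* Source exactly n characters: all 8 bytes used, no NUL written. */
    printf("\"12345678\"     terminated: %s\n",
           strncpy_is_terminated(buf, sizeof buf, "12345678") ? "yes" : "NO");

    /* Source longer than n: truncated *and* unterminated. */
    printf("\"123456789abc\" terminated: %s\n",
           strncpy_is_terminated(buf, sizeof buf, "123456789abc") ? "yes" : "NO");

    /* Hardened version: terminated, and the caller learns about truncation. */
    size_t need = safe_copy(buf, sizeof buf, "123456789abc");
    printf("safe_copy -> \"%s\" (needed %zu bytes, %s)\n", buf, need + 1,
           need >= sizeof buf ? "TRUNCATED" : "complete");
    return 0;
}
```

Note that the common "fix" of appending `dst[n-1] = '\0';` after strncpy() does restore termination, but it still truncates silently; the return-length convention above is what lets the surrounding code treat an over-long input as the error it usually is.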
In many cases, perhaps the majority of cases, no one function is the direct cause of a
vulnerability.