February 2008 - Posts

DLL Preloading Attacks
A DLL preloading attack is something that can get you on a lot of different platforms. One of the first variants I heard about was in an ancient telnet daemon on certain versions of UNIX where you could specify environment variables, and one of the things Read More...
Posted 20 February 08 06:09 by david_leblanc | 2 Comments   
Terminating your app on heap corruption
Michael Howard has a FAQ on this here – there's also more information on this and related defenses in one of my chapters in Writing Secure Code for Windows Vista. One of the things I'd like to point out about enabling this, and several other defenses, Read More...
Posted 19 February 08 11:27 by david_leblanc | 3 Comments   
HD vs. Blu-ray (2)
I promise I'll get back to security stuff shortly, but over the weekend I ran into a couple of articles that explain the issues a lot better. So HD-DVD is quite likely going the way of the 8-track – no need to fight the tide (and no, I have no internal Read More...
Posted 18 February 08 01:29 by david_leblanc | 6 Comments   
HD vs. Blu-Ray
OK, so this isn't security related at all, just felt like grumbling about the latest development. If you're not interested in my thoughts on this, skip it now. A few years ago, I remodeled my basement, and took an odd room with only one window and wired Read More...
Posted 15 February 08 04:39 by david_leblanc | 2 Comments   
15 Most Influential Security People
This isn't exactly the list I would have drawn up, and I must be having a bad year, since I'm not on it <g>, but my friend Michael Howard is on the list. You can check it out here: http://www.eweek.com/c/a/Security/The-15-Most-Influential-People-in-Security-Today/ Read More...
Posted 14 February 08 02:12 by david_leblanc | 2 Comments   
MulDiv Mayhem
Here's another episode in my ongoing quest to stamp out integer overflows. MulDiv is a Windows API that was around before we had 64-bit integers as native types. MulDiv is defined like so: int MulDiv(int a, int b, int c) Ironically, the problem it's trying Read More...
Posted 07 February 08 01:09 by david_leblanc | 4 Comments   
Filed under
Unsafe String Handling with strncpy
I recently ran into a piece of code that looked like this: int len = cchIn; strncpy(dest, src, len - 1); This is bad, because strncpy is defined as so: char *strncpy( char * strDest , const char * strSource , size_t count ); The original complaint was Read More...
Posted 05 February 08 03:20 by david_leblanc | 0 Comments   
Filed under

Search

This Blog

Syndication

Page view tracker