| |||||||
| Programming and Assembly Language Please read this Topic's rules!! |
 |
| | LinkBack | Thread Tools | Rate Thread |
30th May, 2002, 07:45 PM
| |||
| |||
| Making "Hard" C code I'm writing a daemon service for Solaris 8 in C. It's not very complicated, but I have to consider making the code hard, as it's going to be public facing. This sparc box has been configured to trap buffer overflow attacks (I like that feature!  ), and my code has been written to try and trap those as well: e.g. no "strcpy"s in the code (I'm using "strncpy" and "memcpy" instead) etc.Does anyone know of any other common attack methods that I should be looking for within the code? Any thoughts welcome. Thanks.
__________________      |
|
30th May, 2002, 07:54 PM
| ||||
| ||||
| Welcome to our forums madfool81, We hope to see you in Seattle!!
__________________ "Though all men live in ignorance before mystery, they need not live in darkness... Justice is foundation and Mercy ETERNAL." DKE "All that we do is touched by Ocean Yet we remain on the shore of what we know." Richard Wilbur [img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img] Subscribers! Ask Pitch about a Custom Sig Graphic Last edited by Daniel ~; 30th May, 2002 at 10:05 PM. |
|
30th May, 2002, 09:27 PM
| |||
| |||
| Re: Making "Hard" C code Quote:
Buffer Overflows Format string bugs Not sanitizing input As for trapping buffer overflows within Solaris, you might want to read some of the work by people like Solar Designer, Nergal and John McDonald. They have all worked on methods of working around Solaris's non-exec stack. AidanII
__________________ Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry). |
|
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Rate This Thread | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Latest ATI "R600," "R610" and "R630" details | danrok | Graphics and Sound cards; Speakers and other Peripherals | 0 | 9th January, 2007 10:44 AM |
| EPoX 8RDA3I Pro stuck on "F2" post code. | DarkKnight | EPoX MotherBoards | 8 | 17th September, 2006 07:16 AM |
| Pb 4*1Gb on 4PCA3+ - No Boot Error Post Code "AF" not documented!? | stormbyte | EPoX MotherBoards | 15 | 22nd May, 2006 01:54 PM |
| "Bar-Code" site shut down under pressure from Wal-Mart. | mookydooky | Random Nonsense! | 17 | 6th May, 2003 06:31 PM |
| 8K3A+ "C5 Post Code Error"... System will not boot | Bring the Noise | CRASHED! | 5 | 26th August, 2002 03:58 AM |
.gif)
