[Info-vax] Evolving Source Code Practices for C and C++ (was: Re: Porting to Linux instead of x86-64 VMS, was: Re: 3rd party SATA SSD usage on RX2660+P400 in a production environment?)
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Mon Jul 8 16:02:55 EDT 2019
On 2019-07-08 18:18:42 +0000, Simon Clubley said:
> On 2019-07-03, Neil Rieck <n.rieck at sympatico.ca> wrote:
>>
>> Anyway, changes have been made to both C and C++ which (it is claimed)
>> cause both these compilers to generate safer executables provided the
>> developer is compiling with those extensions enabled. Ditching the
>> "gets()" i/o function seemed like a good idea since it is the source of
>> many exploits. I am also intrigued by the promise of (optionally)
>> including bounds checking to arrays. (I have only mentioned two changes
>> of many).
>
> John has also said that stack smashing protection (which is different
> from language level bounds checking) will now be used when building the
> higher level language parts of VMS for x86-64 and when this was last
> discussed, he was looking at how to add it to the Macro-32 compiler.
There are various parts to this discussion. The old and unsafe calls
including gets() and most of the classic str* calls get banned locally
or get deprecated locally—that's entirely possible to implement locally
now, using the preprocessor and ilk—and better replacement calls get
used and/or get provided—those replacement calls can be provided by the
user, though moving to C11 and C18 and to C++11 and C++17 would be
preferable to many—and then there are now code analysis and related
tools including the address sanitizer—sometimes known as asan—that's
now part of clang and of other tools, and there are now vastly better
fuzzing tools available for finding latent issues.
Some related reading...
https://clang.llvm.org/docs/AddressSanitizer.html
https://github.com/secfigo/Awesome-Fuzzing
https://github.com/google/syzkaller/blob/master/docs/syzbot.md
https://docs.microsoft.com/en-us/cpp/security/security-best-practices-for-cpp?view=vs-2019
https://resources.sei.cmu.edu/library/asset-view.cfm?assetID=494932
https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=88046682
https://wiki.sei.cmu.edu/confluence/display/c/SEI+CERT+C+Coding+Standard
https://docs.microsoft.com/en-us/previous-versions/bb288454(v=msdn.10)
etc.
Again, an increasing amount of the source code we're working with is
not and can no longer be considered static and permanent and
unchanging, whether we're discussing encryption and authentication, or
we're discussing evolving defenses against attacks and against exploits.
--
Pure Personal Opinion | HoffmanLabs LLC
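The "ban locally with the preprocessor and provide replacements" step described in the post above, as an added C example that is not part of the original message or of any VMS or VSI code: a `#pragma GCC poison` line (GCC and clang) turns any later use of gets()/strcpy()/strcat()/sprintf() into a compile error, and two bounded replacements (names `bounded_copy` and `read_line` are my own) stand in for strcpy() and gets().

```c
/* Added example: local ban of the classic unsafe calls plus bounded
 * replacements. Build with gcc/clang; add -fsanitize=address to catch at
 * run time what the compile-time ban cannot. */
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
#include <stddef.h>

/* From here on, these identifiers are a hard compile error in this
 * translation unit (gets() is already gone from C11; poisoning it still
 * helps on older toolchains). Put this in a project-wide header. */
#pragma GCC poison gets strcpy strcat sprintf

/* strcpy() replacement: copies only if src (with its NUL) fits in dst,
 * otherwise leaves dst as "" and reports failure instead of overflowing. */
bool bounded_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return false;
    const char *end = memchr(src, '\0', dst_size); /* never scans past dst_size */
    if (end == NULL) {                             /* src does not fit */
        dst[0] = '\0';
        return false;
    }
    memcpy(dst, src, (size_t)(end - src) + 1);     /* includes the NUL */
    return true;
}

/* gets() replacement: reads one line with fgets(), strips the newline,
 * and drains the rest of an over-long line so the next call does not
 * resume mid-line. Returns -1 on EOF/error, 0 for a complete line,
 * 1 if the line had to be truncated. */
int read_line(char *buf, size_t buf_size, FILE *in)
{
    if (buf_size == 0 || fgets(buf, (int)buf_size, in) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return 0;
    }
    if (len == buf_size - 1) {                     /* buffer full, line continues */
        int c;
        while ((c = fgetc(in)) != EOF && c != '\n')
            ;
        return 1;
    }
    return 0;                                      /* final line without newline */
}
```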