On Implementation of a Safer C Library, ISO/IEC TR 24731


📝 Original Info

  • Title: On Implementation of a Safer C Library, ISO/IEC TR 24731
  • ArXiv ID: 0906.2512
  • Date: 2009-07-27
  • Authors: Researchers from original ArXiv paper

📝 Abstract

The functions standardized as part of ISO C 1999 and its addenda improved the security options of the previously available library very little. The largest remaining flaw was that no function copying data into a user-supplied buffer asked for the size of the destination buffer. According to earlier research we performed, error condition handling was the first solution to security vulnerabilities, followed by precondition validation. The standard C functions typically perform little precondition validation and error handling, allowing a wide range of security issues to be introduced through their use. ISO/IEC TR 24731, titled "TR 24731: Safer C library functions", defines 41 new library functions for memory copying, string handling (for both normal and wide character strings), time printing, sorting, searching, etc. Another innovation it brings is a constraint handling architecture, which forces error handling when certain security-related preconditions are violated when the functions are called. It also specifies the null-termination of all strings manipulated through its functions and introduces a new unsigned integer type that helps prevent integer overflows and underflows. It is currently implemented by Microsoft as part of Visual Studio 2005 and above. We examine the architecture of our implementation of ISO/IEC TR 24731. We first introduce our architectural philosophy before informing the reader about the Siemens Four View Model, an architectural methodology for the conception of large-scale software systems. Afterwards, we examine each of the views, as architected for our library. Finally, we conclude with other software engineering matters that were of high importance in the development of our implementation.
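
The three mechanisms the abstract names (a destination-size parameter, a runtime-constraint handler that is called when a precondition fails, and a size type that rejects wrapped negative values) can be seen working together in a small model. The code below is an added example written for this page; it is neither the paper's library nor a conforming TR 24731 / Annex K implementation, and every `ex_`-prefixed name, the `EX_RSIZE_MAX` bound and the sample strings are constructed here. It mirrors the TR's `strcpy_s` contract: the copy takes `s1max`, checks each precondition, hands any violation to a replaceable handler, returns a non-zero error code, and leaves an empty string in the destination whenever the destination is usable, so the caller never holds an unterminated buffer.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of TR 24731's rsize_t / RSIZE_MAX (constructed names): a size above the
 * bound is almost certainly a negative value that wrapped, so it is treated as a
 * constraint violation instead of being used as a huge copy length. */
typedef size_t ex_rsize_t;
#define EX_RSIZE_MAX (SIZE_MAX >> 1)
typedef int ex_errno_t;

/* Runtime-constraint handler shape modelled on TR 24731: message, pointer, error. */
typedef void (*ex_constraint_handler_t)(const char *msg, void *ptr, ex_errno_t error);

int ex_violations = 0; /* number of violations the logging handler has seen */

static void ex_log_handler(const char *msg, void *ptr, ex_errno_t error)
{
    (void)ptr;
    ex_violations++;
    fprintf(stderr, "runtime-constraint violation: %s (error %d)\n", msg, error);
}

static ex_constraint_handler_t ex_handler = ex_log_handler;

/* Install a handler (NULL restores the logging default); returns the previous one. */
ex_constraint_handler_t ex_set_constraint_handler(ex_constraint_handler_t h)
{
    ex_constraint_handler_t prev = ex_handler;
    ex_handler = h ? h : ex_log_handler;
    return prev;
}

/* Report a violation. As in TR 24731's strcpy_s, the destination becomes an empty
 * string when it is usable, so callers never see a stale, unterminated buffer. */
static ex_errno_t ex_violation(const char *msg, char *s1, ex_rsize_t s1max, ex_errno_t err)
{
    if (s1 != NULL && s1max > 0 && s1max <= EX_RSIZE_MAX)
        s1[0] = '\0';
    ex_handler(msg, NULL, err);
    return err;
}

/* Bounded copy in the TR 24731 style: the caller passes the destination size,
 * every precondition is checked, and the result is always null-terminated. */
ex_errno_t ex_strcpy_s(char *s1, ex_rsize_t s1max, const char *s2)
{
    size_t len;
    if (s1 == NULL)
        return ex_violation("s1 is NULL", s1, s1max, EINVAL);
    if (s1max == 0)
        return ex_violation("s1max is zero", s1, s1max, ERANGE);
    if (s1max > EX_RSIZE_MAX)
        return ex_violation("s1max exceeds RSIZE_MAX", s1, s1max, ERANGE);
    if (s2 == NULL)
        return ex_violation("s2 is NULL", s1, s1max, EINVAL);
    /* Scan s2 no further than s1max bytes so an unterminated source is not over-read. */
    for (len = 0; len < s1max && s2[len] != '\0'; len++)
        ;
    if (len >= s1max)
        return ex_violation("s2 does not fit in s1", s1, s1max, ERANGE);
    {
        uintptr_t a = (uintptr_t)s1, b = (uintptr_t)s2;
        if ((b >= a && b < a + s1max) || (a >= b && a <= b + len))
            return ex_violation("s1 and s2 overlap", s1, s1max, EINVAL);
    }
    memcpy(s1, s2, len + 1);
    return 0;
}

/* Constructed scenarios; each returns 1 when the copy behaved as described above. */
int ex_demo_copy_fits(void)
{
    char dst[8];
    return ex_strcpy_s(dst, sizeof dst, "safe") == 0 && strcmp(dst, "safe") == 0;
}

int ex_demo_oversized_rejected(void)
{
    char dst[8];
    /* 10 characters plus terminator into 8 bytes: plain strcpy would overrun dst. */
    ex_errno_t rc = ex_strcpy_s(dst, sizeof dst, "0123456789");
    return rc == ERANGE && dst[0] == '\0';
}

int ex_demo_wrapped_size_rejected(void)
{
    char dst[8] = "keep";
    /* A size computed from a negative value wraps above RSIZE_MAX and is refused. */
    ex_errno_t rc = ex_strcpy_s(dst, (ex_rsize_t)-1, "x");
    return rc == ERANGE && strcmp(dst, "keep") == 0; /* dst untouched: its size was not trusted */
}

int main(void)
{
    int fits = ex_demo_copy_fits();
    int oversized = ex_demo_oversized_rejected();
    int wrapped = ex_demo_wrapped_size_rejected();
    printf("fits: %d, oversized rejected: %d, wrapped size rejected: %d, violations: %d\n",
           fits, oversized, wrapped, ex_violations);
    return 0;
}
```

The handler is the design point: the TR's `set_constraint_handler_s` lets a program choose between aborting, ignoring or logging, which the `ex_set_constraint_handler` stand-in imitates, but the copy function itself never proceeds past a failed precondition regardless of which handler is installed.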

📄 Full Content

On Implementation of a Safer C Library, ISO/IEC TR 24731. Technical Report, CIISE Security Investigation Initiative. Represented by: Marc-André Laverdière-Papineau, Serguei A. Mokhov, Djamel Benredjem ({ma laver,mokhov,d benred}@ciise.concordia.ca), Montréal, Québec, Canada, April 2006. arXiv:0906.2512v2 [cs.SE] 27 Jul 2009.

Contents

1 Introduction
  1.1 Security Problems in C Standard Functions
  1.2 Introducing ISO/IEC
  1.3 ISO/IEC TR 24731
2 Architecture
  2.1 Principles and Philosophy
  2.2 Summary of Siemens Four View Model
    2.2.1 Conceptual View
    2.2.2 Module View
    2.2.3 Execution View
    2.2.4 Code View
    2.2.5 Conceptual View
      2.2.5.1 Conceptual Overview
      2.2.5.2 Configurations
      2.2.5.3 Protocols
      2.2.5.4 Resource Budgeting
    2.2.6 Module View
      2.2.6.1 Layering
      2.2.6.2 Interface Design
  2.3 Execution View
    2.3.1 Runtime Entities
    2.3.2 Communication Paths
    2.3.3 Execution Configuration
  2.4 Code View
    2.4.1 Source Components
    2.4.2 Intermediate Components
    2.4.3 Deployment Components
    2.4.4 Make Process
    2.4.5 Configuration Management
  2.5 Example for One Module
  2.6 Iterations
  2.7 Coding Standards
3 Implementation
  3.1 Run-time Constraint Handling API
  3.2 Constraint Violation Information Encapsulation API
  3.3 Constraint Enumeration and Validator
  3.4 Constraint Handling Example
4 Results
  4.1 Implemented API
    4.1.1 Library
      4.1.1.1 Data Types
      4.1.1.2 Functions
    4.1.2 Private Constraint Handling API
      4.1.2.1 Data Types
      4.1.2.2 Functions
  4.2 Constraint Handling In Action – stdio
  4.3 Constraint Handling In Action – string
5 Conclusions
  5.1 Summary of the Difficulties
  5.2 Limitations So Far

…(Full text truncated)…

Reference

This content is AI-processed based on ArXiv data.
