ity of the program. You may have something like a filename that could be inserted before the value is read and operated on. Race conditions can be tricky to find and isolate because of the asynchronous nature of programs with multiple threads. Without controls like semaphores to indicate when values are in a state in which they can be read or written safely, you may get inconsistent behavior simply because the programmer can't directly control which thread will get access to the CPU, or in which order.
Input Validation

Input validation is a broad category that somewhat encompasses buffer overflows. If the buffer passed in is too long and hasn't been checked, that's an input validation problem. However, far more issues occur with input validation than just buffer overflows. Example 4-2 shows a small fragment of C code that could easily be vulnerable to attack without proper input validation.

Example 4-2. C program with potential input validation errors
#include <stdlib.h>

/* Runs whatever string the caller supplies as a shell command, with no checking. */
int tryThis(char *value)
{
    int ret;

    ret = system(value);   /* value goes straight to the shell */
    return ret;
}
This is a small function that takes a string in as a parameter. The parameter is passed directly to the C library function system, which passes execution to the operating system. If the value useradd attacker were to be passed in, that would be passed directly to the operating system, and if the program had the right permissions, it would create a user called attacker. Any operating system command could be passed through like this. Without proper input validation, this could be a significant issue, especially when the program under attack has been given more permissions than it needs.
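As an added illustration, not from the book, here is a hardened counterpart to tryThis: the request is split into a command and an argument, the command must appear on an allowlist, and the argument is rejected if it contains anything a shell could interpret. The ALLOWED list and the tryThisSafely name are constructed for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed allowlist: the only commands this program is ever meant to run. */
static const char *const ALLOWED[] = { "ls", "date", NULL };

/* Accept only letters, digits, '.', '_' and '-' (not in the leading position, so an
   argument cannot masquerade as an option). Shell metacharacters such as ';', '|',
   '&', '$', '`', quotes and whitespace are all rejected, as is an over-long token. */
int is_safe_token(const char *s)
{
    if (s == NULL || *s == '\0' || *s == '-' || strlen(s) > 64)
        return 0;
    for (; *s; s++) {
        unsigned char c = (unsigned char)*s;
        if (!isalnum(c) && c != '.' && c != '_' && c != '-')
            return 0;
    }
    return 1;
}

/* Returns 1 only if cmd is on the allowlist and arg passes the character check. */
int is_allowed_request(const char *cmd, const char *arg)
{
    int i;
    if (cmd == NULL)
        return 0;
    for (i = 0; ALLOWED[i] != NULL; i++)
        if (strcmp(cmd, ALLOWED[i]) == 0)
            return is_safe_token(arg);
    return 0;
}

/* Hardened version of tryThis(): anything that fails validation is refused
   (return value -1) before a single byte reaches the shell. */
int tryThisSafely(const char *cmd, const char *arg)
{
    char line[160];

    if (!is_allowed_request(cmd, arg))
        return -1;
    snprintf(line, sizeof line, "%s %s", cmd, arg);   /* fixed shape: "<cmd> <arg>" */
    return system(line);
}
```

The string useradd attacker from the text is refused because useradd is not on the allowlist, and an argument such as a;b is refused by the character check even when the command itself is permitted.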
This is an issue that is perhaps more likely to be seen in web applications. Command injection, SQL injection, and XML injection attacks are all examples of poor input validation. Values are being passed into elements of an application without being checked. This input could potentially be an operating system command or SQL code, as examples. If the programmer isn't properly validating input before acting on it, bad things can happen.
Access Control

Access control is a bit of a catchall category. One area where this is a problem is when programs are given more permissions or privileges than they need to function. Any program running as root, for example, is potentially problematic. If the code can be