Revision as of 14:24, 7 April 2019 edit KylieTastic (talk \| contribs) Autopatrolled, Administrators 521,634 edits m Reverted 1 edit by 121.210.140.68 (talk) to last revision by Rsrikanth05 (TW) Tag: Undo ← Previous edit		Revision as of 15:32, 8 April 2019 edit undo Nehirdemir (talk \| contribs) 6 edits →Buffer-overflow prevention Next edit →
Line 8: '''Secure coding''' is the practice of developing computer [[software]] in a way that guards against the accidental introduction of security vulnerabilities. Defects, bugs and logic flaws are consistently the primary cause of commonly exploited software vulnerabilities.<ref name="bss2001">{{Cite book\| last = Viega \| first = John \|author2=Gary McGraw \| title = Building Secure Software: How to Avoid Security Problems the Right Way \| year = 2001 \| publisher = MAddison-Wesley Professional \| pages = 528 \| isbn = 978-0201721522 \| page = }}</ref> Through the analysis of thousands of reported vulnerabilities, security professionals have discovered that most vulnerabilities stem from a relatively small number of common software programming errors. By identifying the insecure coding practices that lead to these errors and educating developers on secure alternatives, organizations can take proactive steps to help significantly reduce or eliminate vulnerabilities in software before deployment. == ~~Buffer~~Ara Bellek-~~overflow~~taşması ~~prevention~~önlemi == [[Ara Bellek Taşması]],İşlemci belirlenen ara bellek uzunluğunu aştığında ortaya çıkan genel yazılım güvenlik açığıdır. Örneğin veri ögelerini saklamak için 8 bölüt varsa,9 veri ögesi saklanmak istenildiğinde problem ortaya çıkar.Bilgisayar belleği taşan veri sorunuyla karşılaştığında verinin bir sonraki yerine üstüne yazma işlemi gerçekleştirir,bu da güvenlik zafiyetine(yığın aşılması) veya programın bitirilmesine(bölümlendirme hatası) sebebiyet verebilir.<ref name="bss2001"/> [[Buffer overflow]]s, a common software security vulnerability, happen when a process tries to store data beyond a fixed-length buffer. For example, if there are 8 slots to store items in, there will be a problem if there is an attempt to store 9 items. In computer memory the overflowed data may overwrite data in the next ___location which can result in a security vulnerability (stack smashing) or program termination (segmentation fault).<ref name="bss2001"/> An ara ~~example~~bellek oftaşmasına aeğilimi olan bir C [[C (~~programming~~programlama ~~language~~dili)\|C]] ~~program prone to a~~programı ~~buffer~~aşağıda ~~overflow~~verilmiştir. is<syntaxhighlight lang="c++"> int vulnerable_function(char * large_user_input) { char dst[SMALL]; strcpy(dst, large_user_input); } </syntaxhighlight>IfEğer ~~the~~kullanıcı ~~user~~hedef ~~input~~bellekten isdaha ~~larger~~büyük ~~than~~bir ~~the~~girdi ~~destination buffer~~verirse,ara ~~a buffer~~bellek ~~overflow~~taşması ~~will~~meydana ~~occur~~gelebilir. ToBu ~~fix~~tehlikeli ~~this~~programı ~~unsafe~~düzeltmek ~~program~~için, ~~use~~ strncpy tometodu olası ~~prevent~~ara abellek ~~possible~~taşması ~~buffer~~problemini ~~overflow~~önleyebilir.<syntaxhighlight lang="c++"> int secure_function(char * user_input) { char dst[BUF_SIZE]; Line 24: strncpy(dst, user_input,BUF_SIZE); } </syntaxhighlight>~~Another~~Diğer ~~secure~~güvenli ~~alternative~~seçenek isise tohafızayı ~~dynamically~~dinamik ~~allocate~~olarak ~~memory~~yığın ~~on the heap using~~yapısıyla ayırmaktır.[[malloc]].<syntaxhighlight lang="c++"> char * secure_copy(char * src) { int len = strlen(src); Line 35: return dst; } </syntaxhighlight>InYukarıdaki ~~the~~kod ~~above code snippet~~parçasında, ~~the~~ program ~~attempts to copy the contents of~~ '''''src''''' into '''''dst,''''' ~~while~~içeriklerini ~~also~~kopyalar,bunu ~~checking~~yaparken ~~the return value of~~de malloc'tan ~~to ensure that enough~~gelen ~~memory~~dönüş ~~was~~tipini ~~able~~kontrol toeder beki ~~allocated~~hedef ~~for~~belleğin ~~the~~yeterli ~~destination~~hafızası ~~buffer~~olsun. == Format-string attack prevention ==

Secure coding: Difference between revisions