Questions tagged [c]

The C programming language, commonly used for low-level programming

C is a low-level programming language. It allows direct pointer manipulation and does not intrinsically verify array bounds, making it ripe for security vulnerabilities.

Use this tag for questions about security that are directly related to C, such as security analysis of C code and exploiting badly-written C code. Do not use this tag just because you're writing a program in C, only if C is directly relevant to the question. Questions about programming in C are off-topic here, but can be asked on Stack Overflow.

284 questions
135 votes, 8 answers

Why are programs written in C and C++ so frequently vulnerable to overflow attacks?

When I look at the exploits from the past few years related to implementations, I see that quite a lot of them are from C or C++, and a lot of them are overflow attacks. Heartbleed was a buffer overflow in OpenSSL; recently, a bug in glibc was…
Nzall
72 votes, 6 answers

Is it dangerous to compile arbitrary C?

I have a small server and I would like to check compile times on C programs provided by users. The programs would never be run, only compiled. What risks are there to allowing users to compile arbitrary C using gcc 5.4.0?
53 votes, 4 answers

Old OS memory space protection - was it really that bad?

In his book Security Engineering, Anderson really focuses on how in the 90s and early 2000s programs would need to access memory that wasn't their own, and programmers programmed with the assumption the program would be run with administrative…
Celeritas
51 votes, 3 answers

Security Review - password_hash implementation for PHP

I'm currently working on a "helper function" for PHP's core to make password hashing more secure and easier for the majority of developers. Basically, the goal is to make it so easy, that it's harder to invent your own implementation than to use the…
ircmaxell
33 votes, 6 answers

Is C a good choice for security-related software any longer?

C is a rock-solid and widespread programming language that is very popular, especially in the FOSS community. Much security-related software (such as encryption libraries) is written in C and will probably also be written in C in the future. One of…
Aliquis
31 votes, 4 answers

I feel like it's impossible to learn reverse engineering

I know how to use most of the tools in Kali like msfvenom and msfconsole and I can safely call myself a script kiddie. I learned the basics of C# and that helps me understand some of the things in C, but I still get easily lost. I know the basics…
Nikolay Atanasov
24 votes, 1 answer

Does a single fopen introduce TOCTOU vulnerability?

I'm actually fixing a driver under Linux. Klocwork said that code like: file = fopen(fileName, "w+"); // w+,r,a and any mix of those is used here if (file != NULL) { /* do things*/ } else { /* throw error */ } fclose(file); can end as Time-of-check…
user209896
23 votes, 2 answers

Exploiting buffer overflow leads to segfault

I am trying to exploit a simple stack overflow vulnerability. I have a basic code in C: #include int main( int argc, char** argv ) { char buffer[500]; strcpy(buffer, argv[1]); return 0; } compiled using…
tsusanka
23 votes, 6 answers

Is it important for an ethical hacker to know the C language in-depth nowadays?

I'm interested in becoming an ethical hacker someday. I've been reading articles saying the Python language is very popular in hacking activity because of the extent of its modules (including network). Nowadays, lots of applications are web…
Cronos
21 votes, 4 answers

Security Implications of Neglecting the Extra Byte for NULL Termination in C/C++ Arrays

Please Consider: English is my second language. On the Security Now! podcast episode 518 (HORNET: A Fix for TOR?), at the 27:51 mark Steve Gibson quotes an example of vulnerable code in C/C++: "[...] one of them [problems with vulnerable code] is…
user82100
19 votes, 6 answers

Do high level languages allow for buffer / heap overflow?

I'm learning about basic x86 overflows in C but normally I code with Python. Is there any way that programs written in higher level languages can suffer from buffer/heap overflow?
blank
18 votes, 4 answers

Does compiling from sources "kinda" protect from buffer overflow attacks?

While discussing buffer overflows, somebody told me that compiling your own binary for an application (with specific compilation flags) instead of using the "mainstream binary" makes it more difficult for an attacker to leverage buffer…
Brian Clozel
16 votes, 4 answers

Tricky code to make memory-safe

I'm designing a homework challenge for students who are learning about memory safety and writing secure C code. As part of this, I am looking for a small programming task where it's non-trivial to write C code that is free of buffer overruns, array…
D.W.
15 votes, 4 answers

How is printf() in C/C++ a Buffer overflow vulnerability?

According to an article I just read, the functions printf and strcpy are considered security vulnerabilities due to Buffer overflows. I understand how strcpy is vulnerable, but could someone possibly explain how/if printf is really vulnerable, or I…
DarkMantis
15 votes, 8 answers

Secure memcpy for pure C

Buffer overflows are nothing new. And yet they still appear often, especially in native (i.e. not managed) code... Part of the root cause is usage of "unsafe" functions, including C++ staples such as memcpy, strcpy, strncpy, and more. These…
AviD