Race Conditions and Integer vulnerabilities
Ungraded Quiz
- What is a TOCTOU race? Could you diagram one?
- Sketch out an integer vulnerability and why it is dangerous
Key Concepts
- understand why software security is important — your most likely security-related role is as a developer
- the importance of thinking like an attacker if you are a defender
Race Conditions
- TOCTOU race — why they occur, how they work
- see Figure 6.1, page 157 and the subsequent example
- understand what it means to disable interrupts and why this is not a viable method on modern systems
- walking through unsuccessful approaches is useful for understanding offensive and defensive thinking
- understand the example in Figure 6.2, page 159
- understand the /tmp file exploits example
Integer-based vulnerabilities
- due to integer bugs
- related to side-effects of type conversions between different integer types or signedness
- understand why we study C
- understand C data types, unsigned and signed versions
- both implicit and explicit type casting occur
- understand what integer overflow is
- understand signed vs unsigned numbers
- understand two’s complement — see Table 6.3, page 164
- understand the example of integer overflow on multiplication
- see Table 6.2, page 163 for examples of integer vulnerabilities
- understand pointer arithmetic and how that can be exploited by integer vulnerabilities
- understand software consequences list, 1 through 4
- mitigations — compiler flags to catch integer errors, developer toolsets, safe integer library functions
- it would be great to switch to a better language (Rust!) but we have to live with what we have for now
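
To make the multiplication-overflow and signedness items above concrete, here is an added C example (not taken from the textbook or its figures) that puts an unchecked size computation and a flawed signed length check beside checked versions. All function names and the sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Unchecked size computation: the product is reduced modulo 2^32, so a
 * large count wraps to a small number of bytes. */
uint32_t alloc_size_unchecked(uint32_t count, uint32_t size)
{
    return count * size;
}

/* Checked version: returns 0 and stores the product in *out, or returns -1
 * if count * size does not fit in 32 bits. */
int alloc_size_checked(uint32_t count, uint32_t size, uint32_t *out)
{
    if (size != 0 && count > UINT32_MAX / size)
        return -1;
    *out = count * size;
    return 0;
}

/* Flawed bound check: len is signed, so a negative value passes. */
int len_ok_flawed(int len, int max)
{
    return len <= max;
}

/* What a size_t parameter (e.g. memcpy's length) receives for that value. */
size_t as_copy_length(int len)
{
    return (size_t)len;
}

/* Corrected check: reject negatives before comparing as unsigned. */
int len_ok_checked(int len, size_t max)
{
    return len >= 0 && (size_t)len <= max;
}

int main(void)
{
    uint32_t n = 0x40000001u, out = 0;   /* constructed sample input */
    printf("unchecked: %u elements * 4 bytes = %u bytes\n", n, alloc_size_unchecked(n, 4));
    printf("checked:   %s\n", alloc_size_checked(n, 4, &out) ? "rejected" : "ok");
    printf("len=-1: flawed check %d, as size_t %zu, corrected check %d\n",
           len_ok_flawed(-1, 64), as_copy_length(-1), len_ok_checked(-1, 64));
    return 0;
}
```

The wrapped size is the dangerous case: a buffer sized from it is far smaller than the element count the rest of the code still believes in.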