LinuxQuestions.org

Programming forum thread: C functions - security? (https://www.linuxquestions.org/questions/programming-9/c-functions-security-25394/)

tundra 07-09-2002 06:23 AM

C functions - security?
 
Which C functions may result in a security compromise? I heard somewhere that scanf may be a cause of buffer overflows?

Where can I find a list of functions that shouldn't be used, and which should be used instead?

llama_meme 07-09-2002 08:26 AM

Lots of C functions are potentially insecure. As a rule of thumb, if they do string processing or take a variable number of arguments (like printf and scanf), you have to be careful in their use. As an example, using printf like this to display a string entered by the user is insecure:

printf(users_string);

because a malicious user can put formatting directives in the string they enter (e.g. %s) and make printf expect further arguments after users_string, which will cause it to crash. In some cases, clever hackers are able to exploit this to run a small piece of assembly code, which, if the C program is suid, can compromise the root account (for example, by opening a root shell).

Alex
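The two hazards raised in this thread, shown side by side as an added example (this is not code from the thread or from either poster): the format-string hole in printf(users_string) next to the fixed call, a small directive counter for auditing strings headed into a format slot, and a width-limited scanf for the overflow the original question asks about. The function names (render_as_format, render_as_data, count_directives, read_name_safe) and the inputs are this example's own. The "%%" case is used to show the user string being interpreted without triggering undefined behaviour; with "%s" or "%n" the same call reads or writes memory through arguments that were never passed, which is what the exploit relies on.

```c
/* Added example (not from the thread): the format-string hole in
 * printf(users_string) beside the fixed call, plus width-limited scanf.
 * Function names and inputs are this example's own; nothing here is the
 * code of any poster. Build with: cc -Wformat -Wformat-security ex.c */
#include <stdio.h>
#include <string.h>

#define OUT_LEN 128
#define NAME_LEN 16

/* The bug from the thread, in a form that can be called without crashing:
 * the user's string becomes the format string. With "%%" the output is
 * already wrong (one '%' lost); with "%s" or "%n" printf reads or writes
 * memory through arguments that were never passed (undefined behaviour).
 * gcc/clang flag this line with -Wformat-security. */
int render_as_format(char *out, size_t out_len, const char *users_string)
{
    /* WRONG: users_string is interpreted, not printed. */
    return snprintf(out, out_len, users_string);
}

/* The fix: the format is a literal, the user's string is an argument. */
int render_as_data(char *out, size_t out_len, const char *users_string)
{
    return snprintf(out, out_len, "%s", users_string);
}

/* Count conversion directives that would consume an argument (or, for %n,
 * write through one). "%%" is excluded: it is a literal percent sign.
 * Usable as an input check or as a quick audit of strings that end up in a
 * format position. Returns the number of hazardous directives. */
int count_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {   /* "%%" is harmless, skip both characters */
            s++;
            continue;
        }
        n++;
    }
    return n;
}

/* scanf("%s", name) with no width is the overflow the original question
 * asks about: it copies until whitespace, however long the token is.
 * The safe form passes a width one less than the buffer size so the
 * terminating '\0' always fits. Returns the number of characters stored,
 * or -1 if no token was matched. */
int read_name_safe(char name[NAME_LEN], const char *input)
{
    /* NAME_LEN is 16, so the width is 15. */
    if (sscanf(input, "%15s", name) != 1)
        return -1;
    return (int)strlen(name);
}

int main(void)
{
    char out[OUT_LEN];
    char name[NAME_LEN];
    const char *hostile = "total: 100%% %s";   /* constructed input */

    render_as_data(out, sizeof out, hostile);
    printf("as data:   %s\n", out);            /* printed verbatim */

    /* hostile is deliberately not passed to render_as_format: its "%s"
     * would read an argument that does not exist. The "%%"-only input
     * shows the interpretation safely. */
    render_as_format(out, sizeof out, "total: 100%%");
    printf("as format: %s\n", out);            /* one '%' has been eaten */

    printf("hazardous directives in input: %d\n", count_directives(hostile));

    /* 36 'A's into a 16-byte buffer: truncated to 15, no overflow. */
    read_name_safe(name, "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA rest");
    printf("name: %s (%zu chars)\n", name, strlen(name));
    return 0;
}
```

The general rule the thread's advice reduces to: never let untrusted bytes reach the format parameter of any printf/scanf family function (syslog and err/warn included), and never use a bare "%s" in scanf without a width.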

Config 07-09-2002 09:24 AM

Quote:

Originally posted by llama_meme
Lots of C functions are potentially insecure. As a rule of thumb, if they do string processing or take a variable number of arguments (like printf and scanf), you have to be careful in their use. As an example, using printf like this to display a string entered by the user is insecure:

printf(users_string);

because a malicious user can put formatting directives in the string they enter (e.g. %s) and make printf expect further arguments after users_string, which will cause it to crash. In some cases, clever hackers are able to exploit this to run a small piece of assembly code, which, if the C program is suid, can compromise the root account (for example, by opening a root shell).

Alex

HUCH! This is very clever. Must have been a bright guy who figured that... :eek:

tundra 07-11-2002 09:29 AM

Thank you. That was useful.

CARTMAN 07-14-2002 11:17 AM

You may like this article http://www.neworder.box.sk/newsread.php?newsid=5333

tundra 07-15-2002 08:40 AM

Thanks. That was a good read, though I don't know any asm.
