I’m An Unsafe Coder November 29, 2008
Posted by gordonwatts in computers
I’m finishing up a string of three owl shifts here at DZERO. One of the things I’m trying to accomplish is some minor improvements to the AI system that monitors DZERO’s data acquisition. Its job is to look for problems, and if it recognizes one, it attempts to fix it or, at the very least, tell us humans on shift how to fix it. I suppose it is more of an expert system than AI.
The last time this code underwent any real work was… well, years ago. The dark ages, actually. The code is cross-platform. Though it runs on Linux systems, I did most of the development work on a Windows system. For these minor upgrades I’m also building it on a Windows system.
The problem is the development tools from Microsoft. As you might guess, since I last built this thing they have done more than evolve! The biggest change, of course, is that Microsoft got religion about security. This is even baked into their development tools. So when I build the AI system now I get hundreds of warnings about unsafe coding practices. I’d say 90% of them are great fodder for a buffer overrun exploit – a type of programming exploit that has caused millions of computers to be owned!
Of course, I don’t care. The AI system operates behind a firewall. Even though I know everything there is to know about this system (well, mostly…) there is no way for me to get at it when I’m offsite unless I am fully authenticated and using secure communication protocols. So, this is mostly a pain in the butt for me.
Well… not exactly.
Looking at a few of these closely I see that in many cases I am building strings dynamically and then copying them into fixed-length buffers. The string building is dynamic, and I never check to make sure the length of the string is less than the size of the buffer it is being copied into. Now, it can’t be that the dynamic string is longer than the buffer very often: this AI program typically runs for weeks at a time. But… you know… now that I think about it and look back at the log files… every now and then it just stops. I’ve never been able to track down why. I wonder if it is something like this?
I guess these things are not only security problems (which I don’t care about) but perhaps are also bugs (which I do care about). Oh well, I guess I’m going to have to fix all of them. Darn.
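As an added illustration (this is not code from the original post or from the DZERO monitoring system), here is the pattern described above in C: a dynamically built string copied into a fixed-length buffer with no length check, next to a bounded copy that reports truncation, and a wrapper around a char*-only interface of the kind one commenter suggests below. The buffer size MSG_BUF_LEN, the stand-in library call legacy_report, the wrapper report_alarm and the alarm messages are all invented for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Fixed-length message buffer, standing in for the buffers the post's
 * monitoring code copies dynamically built strings into (size chosen
 * for the example). */
#define MSG_BUF_LEN 32

/* The unsafe pattern from the post: build a string somewhere, strcpy it
 * into a fixed buffer, never compare lengths. For any src longer than
 * MSG_BUF_LEN-1 bytes this writes past the end of dst: undefined
 * behaviour, which shows up as silent corruption, an intermittent crash,
 * or an attacker-controlled overwrite. Kept only to show the shape of the
 * bug; nothing below calls it with an oversized input. */
static void copy_unchecked(char *dst, const char *src)
{
    strcpy(dst, src);
}

/* Hardened replacement: bounded copy that always NUL-terminates and
 * reports truncation, so the caller can log or reject instead of
 * silently losing data. Returns true if src fit completely. */
static bool copy_checked(char *dst, size_t dst_len, const char *src)
{
    if (dst_len == 0)
        return false;
    size_t n = strlen(src);
    if (n >= dst_len) {
        memcpy(dst, src, dst_len - 1);
        dst[dst_len - 1] = '\0';
        return false;
    }
    memcpy(dst, src, n + 1);
    return true;
}

/* Format an alarm into a bounded buffer. snprintf never writes past
 * dst_len and always terminates; its return value is the length the
 * full message needed, which is exactly the check the original code
 * skipped. Returns true if the whole message fit. */
static bool format_alarm(char *dst, size_t dst_len,
                         const char *detector, int run, const char *detail)
{
    int need = snprintf(dst, dst_len, "%s run %d: %s", detector, run, detail);
    return need >= 0 && (size_t)need < dst_len;
}

/* Hypothetical stand-in for an old char*-only library routine: it trusts
 * the caller to hand it a short, terminated string. */
static void legacy_report(const char *msg)
{
    printf("ALARM: %s\n", msg);
}

/* Wrapper around the legacy interface: the length check lives here, so
 * every caller gets it for free. Returns false if the alarm text was
 * truncated, so the caller can notice instead of the shift crew wondering
 * why the message ends mid-word. */
static bool report_alarm(const char *detector, int run, const char *detail)
{
    char msg[MSG_BUF_LEN];
    bool fits = format_alarm(msg, sizeof msg, detector, run, detail);
    legacy_report(msg);          /* msg is NUL-terminated either way */
    return fits;
}

int main(void)
{
    /* Constructed sample inputs: one message that fits, one that would
     * have run off the end of the 32-byte buffer in the unsafe version. */
    char buf[MSG_BUF_LEN];
    copy_unchecked(buf, "short message");   /* fits, so no harm done here */
    if (!copy_checked(buf, sizeof buf,
                      "a message that is far longer than thirty-one bytes"))
        printf("truncated to: \"%s\"\n", buf);

    report_alarm("CAL", 123456, "rate too high");
    if (!report_alarm("L1CAL", 123456,
                      "lost synchronization with the trigger framework"))
        printf("previous alarm was truncated: enlarge the buffer or shorten the text\n");
    return 0;
}
```

The point of returning the truncation flag rather than just clamping is that a silently shortened alarm is still a bug in a monitoring system; the wrapper turns what used to be a memory overwrite into an ordinary, testable error path.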
And you completely trust the person who created the firewall?
Yup. Security bugs are also just coding bugs. Congratulations! Now, you’ve Got Religion, too!
If the language you are using supports object oriented strings, I would recommend switching to those, as they will automatically detect when the string needs to be increased in length, and will do so.
Oops! Missed the comments on this one.
-> I definitely trust the code written in the switch more than I trust my own code!
-> This code is definitely old, old — some of it is more than 10 years old. Didn’t have religion then, not sure I do now!
-> Some of it uses libraries that are very, very old — which take only char *’s.
Put wrappers around the old interfaces, ones that do the length checking automatically.
If you don’t have protection against random memory overwrites, how can you possibly trust your results?
Unit tests!