[ISN] Unsafe at any speed: Memcpy() banished in Redmond

From: InfoSec News <alerts_at_private>
Date: Fri, 15 May 2009 04:39:31 -0500 (CDT)

By Dan Goodin in San Francisco 
The Register
15th May 2009

Memcpy() and brethren, your days are numbered. At least in development 
shops that aspire to secure coding.

Microsoft plans to formally banish the popular programming function 
that's been responsible for an untold number of security vulnerabilities 
over the years, not just in Windows but in countless other applications 
based on the C language. Effective later this year, Microsoft will add 
memcpy(), CopyMemory(), and RtlCopyMemory() to its list of function 
calls banned under its secure development lifecycle.

Memcpy has long served as a basic staple of C-based languages, providing 
a simple way to copy the contents from one chunk of memory to another. 
Its drawback comes when the source to be copied contains more bytes than 
its destination, creating overflows that present attackers with 
opportunities to remotely execute code in the underlying application.

"That's definitely one of those notoriously dangerous C commands," said 
Johannes Ullrich, CTO of the SANS Institute, who teaches secure coding 
classes to developers. He likened memcpy() to other risky functions such 
as strcpy() and strcat(), which have Microsoft has already banned after 
exacting untold misery over the years.


LayerOne 2009, Information Security for the discerning professional. 
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California 
Visit http://layerone.info for more information
Received on Fri May 15 2009 - 02:39:31 PDT

This archive was generated by hypermail 2.2.0 : Fri May 15 2009 - 02:44:14 PDT