Secure coding facts for kids
Secure coding is like building a strong, safe house for computer software. It's all about writing computer programs in a special way to stop mistakes that could let bad things happen. Think of it this way: sometimes, programs have small errors or "bugs" that can become weak spots. These weak spots are often the main reason why programs can be attacked or misused.
Experts who study computer security have looked at thousands of these weak spots. They found that most of them come from a few common mistakes programmers make. By learning about these mistakes and teaching programmers better, safer ways to write code, companies can make their software much stronger. This helps fix problems before the software is even used by people. Some smart people even say that security should be "baked in" or designed into the software from the very beginning. This makes sure the program is safe from the inside out and protects it better.
Contents
What is Secure Coding?
Protecting Against Data Overflows
How Data Overflows Happen
Imagine you have a small box that can only hold 8 toys. What happens if you try to put 9 toys into it? The extra toy will spill out! In computer programs, something similar can happen. This is called a buffer overflow. It occurs when a program tries to put more information (data) into a storage space (called a "buffer") than it was designed to hold.
When this extra data spills out, it can overwrite other important information in the computer's memory. This can cause the program to crash or, even worse, create a weak spot that someone could use to make the program do things it shouldn't.
Fixing Data Overflows
Programmers use special techniques to prevent these overflows. For example, when copying information, they make sure to only copy a certain amount that fits the space. Here's a simple idea of how it works in a programming language like C:
int secure_function(char * user_input) {
char dst[BUF_SIZE]; // This is our box, sized BUF_SIZE
// We copy a MAXIMUM of BUF_SIZE bytes
strncpy(dst, user_input, BUF_SIZE);
// We make sure the last spot is empty, like a stopper
dst[BUF_SIZE -1] = '\0';
}This code makes sure that no matter how much information `user_input` has, only the right amount will be copied into `dst`. This stops the "spill" and keeps the program safe.
Preventing Tricky Format Attacks
Understanding Format String Attacks
Sometimes, programs use special functions to display text, like the `printf()` function in C. This function needs to know exactly how to show the text. For example, if you want to show a number, you tell `printf()` to expect a number.
A format string attack happens when someone trying to cause trouble gives the program a special message that tricks the `printf()` function. Instead of just showing the message, the function might get confused and try to read or write information from parts of the computer's memory it shouldn't. This can make the program crash or reveal secret information.
Here's a very simple example of a program that could be tricked:
int vulnerable_print(char * tricky_message) {
printf(tricky_message); // This program is easily tricked!
}If a tricky message like "%s%s%s%s%s%s%s" is given to this program, it might try to read too much from memory, causing it to crash. To prevent this, programmers always tell `printf()` exactly what kind of message to expect, so it can't be tricked.
Handling Big Numbers Safely
What is Integer Overflow?
Computers store numbers in specific-sized containers. An integer overflow happens when a math problem in a program creates a number that is too big to fit into its container. Imagine a calculator that can only show numbers up to 999. If you try to add 500 + 600, the answer (1100) is too big. The calculator might show something unexpected, like 100, or even crash!
In computer programs, if a number gets too big and overflows, it can lead to mistakes or create a weak spot that someone could use to cause problems.
How to Prevent Integer Overflow
Good programmers always check if numbers will fit before doing math. Here's an idea of how they might check in a language like C++:
bool sumIsValid_secure(unsigned int x, unsigned int y) {
unsigned int sum = x + y; // Try to add x and y
// Check if the sum is still bigger than or equal to x AND y
// AND if it's less than or equal to our maximum allowed number (MAX)
return sum >= x && sum >= y && sum <= MAX;
}This code makes sure that the `sum` is not only less than a maximum value (`MAX`) but also that it hasn't "wrapped around" due to overflowing. If the sum became smaller than `x` or `y` after adding, it means an overflow happened, and the program knows something went wrong.
Stopping Unauthorized File Access
What is Path Traversal?
Imagine a website that lets you read different articles by typing their names. For example, you might type "dogfood.html" to read an article about dog food. A path traversal problem happens when a program lets someone trick it into looking for files in places it shouldn't.
It's like if you could type "go back two folders and then open the secret diary" instead of just "open the dogfood article."
An Example of Path Traversal
Let's say a website uses a link like this to show an article: https://www.example.net/cgi-bin/article.sh?name=dogfood.html The program expects `name=` to be an article file. But if the program isn't careful, someone could try to use a special trick like `../../` which means "go up one folder." If they type something like this: https://www.example.net/cgi-bin/article.sh?name=../../../../../etc/passwd This could trick the program into going back many folders and trying to open a file called `/etc/passwd`. On some computer systems, this file contains important information about users, like their usernames and where their personal files are kept. This is a big problem because it lets someone see information they shouldn't.
To prevent this, good programs always check what you type very carefully. They make sure you can only ask for files that are allowed and in the right place.
See Also
- Keeping Applications Safe
- Writing Strong Programs
- Computer Program Mistakes
- Secure by default
