By Dan Goodin in San Francisco
15th May 2009
Memcpy() and brethren, your days are numbered. At least in development
shops that aspire to secure coding.
Microsoft plans to formally banish the popular programming function
that's been responsible for an untold number of security vulnerabilities
over the years, not just in Windows but in countless other applications
based on the C language. Effective later this year, Microsoft will add
memcpy(), CopyMemory(), and RtlCopyMemory() to its list of function
calls banned under its secure development lifecycle.
Memcpy has long served as a basic staple of C-based languages, providing
a simple way to copy the contents from one chunk of memory to another.
Its drawback comes when the source to be copied contains more bytes than
its destination, creating overflows that present attackers with
opportunities to remotely execute code in the underlying application.
"That's definitely one of those notoriously dangerous C commands," said
Johannes Ullrich, CTO of the SANS Institute, who teaches secure coding
classes to developers. He likened memcpy() to other risky functions such
as strcpy() and strcat(), which have Microsoft has already banned after
exacting untold misery over the years.
LayerOne 2009, Information Security for the discerning professional.
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California
Visit http://layerone.info for more information