- [Instructor] Many security issues occur when software acts in an unexpected manner in response to invalid user input or another error situation. For this reason, appropriately handling errors is a critical component of software security. Software is designed to perform orderly transitions between different states. For example, let's consider a very simple software program that is designed to calculate the sales tax on a retail purchase. The software might sit at an input screen, waiting for the user to input the purchase amount.
Once it receives that input, it calculates the transaction's tax and then moves into a display mode, where it displays the tax amount to the user. The user can then press a new transaction button to enter another transaction amount. You might view this as three different states in the software. The first one is awaiting input. Once the user provides the input, it moves to the calculating tax state, where the program is actually figuring out the sales tax amount for that user's inputted transaction value, and then the displaying output phase, where it displays the taxable amount to the user.
This simple state transition model describes normal operation of the software very well. But what happens if an error occurs? For example, what if the user types Apple into the transaction amount field instead of a dollar amount? Our state diagram doesn't contain any instructions that the computer should follow if it receives this erroneous input, so we can't predict what will happen next. This situation is known as an unpredictable state and can lead to serious security vulnerabilities, such as buffer overflows and other compromises.
Error handling, otherwise known as exception handling, prevents this unpredictable state problem by providing the computer with explicit instructions on handling unpredictable states. For example, we might want to modify the software to display a message, indicating that the user must input a dollar amount if it receives some other type of input. The new state diagram would include this error handling. We'd still have the awaiting input state, but would then have an input validation state, where the software checks for a condition that might create an error.
If there is no error, the software would continue through the calculating tax and displaying output states. However, if the user had supplied erroneous input, the software would go from the validate input state into a state where it displays an error message. Different programming languages implement exception handling in different ways. As an example, Java uses the try-catch model. Let's look at an example. One common error in programming is dividing a value by zero.
This is mathematically impossible and results in an error. Let's look at how we can write secure code that handles this error properly. We start by defining our variables and then we write our division statement. As we've written it, dividing 10 by zero would result in a division by zero error. But we can enclose this division statement in a try clause that tells the Java interpreter to attempt the division, but then write a catch clause that tells the interpreter that if it encounters an arithmetic exception while attempting the division, such as dividing by zero, that it should report this error back to the user.
And that's all there is to exception handling. If you think through the different errors that could result from your code and provide explicit instructions for handling those errors, your code will be much more secure.
We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Defense in depth
- Separation of duties and responsibilities
- Designing secure networks
- VLANs and network segmentation
- Goals of cryptography
- Choosing encryption algorithms
- Integrating security in the software development lifecycle
- Software assessment and testing
- Code reviews and code tests