Many security issues occur when software acts in an unexpected manner in response to invalid user input or another error situation. For this reason, appropriately handling errors is a critical component of software security. In this video, learn about secure coding practices, including proper error and exception handling techniques for software.
- [Announcer] Many security issues occur when software acts in an unexpected manner in response to invalid user input or another error situation. For this reason, appropriately handling errors is a critical component of software security. Software is designed to perform orderly transitions between different states. For example, let's consider a very simple software program that is designed to calculate the sales tax on a retail purchase. The software might sit at an input screen, waiting for the user to input the purchase amount.
Once it receives that input, it calculates the transaction's tax and then moves into a display mode, where it displays the tax amount to the user. The user can then press a new transaction button to enter another transaction amount. You might view this as three different states in the software. The first one is awaiting input. Once the user provides the input, it moves to the calculating tax state, where the program is actually figuring out the sales tax amount for that user's inputed transaction value.
Then, the displaying output phase, where it displays the taxable amount to the user. This simple-state transition model describes normal operation of the software very well. But, what happens if an error occurs? For example, what if the user types "apple" into the transaction amount field instead of a dollar amount? Our state diagram doesn't contain any instructions that the computer should follow if it receives this erroneous input. So, we can't predict what will happen next.
This situation is known as an unpredictable state, and can lead to serious security vulnerabilities, such as buffer overflows and other compromises. Error handling, otherwise known as exception handling, prevents this unpredictable state problem by providing the computer with explicit instructions on handling unpredictable states. For example, we might want to modify the software to display a message indicating that the user must input a dollar amount if it receives some other type of input.
The new state diagram would include this error handling. We'd still have the awaiting input state, but would then have an input validation state, where the software checks for a condition that might create an error. If there is no error, the software would continue through the calculating tax and displaying output states. However, if the user had supplied erroneous input, the software would go from the validate input state into a state where it displays an error message. Different programming languages implement exception handling in different ways.
As an example, Java uses the Try...Catch Model. Let's look at an example. One common error in programming is dividing a value by zero. This is mathematically impossible and results in an error. Let's look at how we can write secure code that handles this error properly. We start by defining our variables, and then we write our division statement. As we've written it, dividing 10 by zero, would result in a division by zero error.
But, we can enclose this division statement in a try clause, that tells the Java interpreter to attempt the division, but then write a catch clause that tells the interpreter that if it encounters an arithmetic exception while attempting the division, such as dividing by zero, that it should report this error back to the user. And that's all there is to exception handling. If you think through the different errors that could result from your code, and provide explicit instructions for handling those errors, your code will be much more secure.
- Comparing viruses, worms, and Trojans
- Backdoors and logic bombs
- Understanding the attacker
- Attack types: from denial of service to brute force attacks
- Preventing insider threats
- Wireless attacks
- Understanding cross-site scripting
- Preventing SQL injection
- Social engineering
- Scanning for vulnerabilities
- Penetration testing
- Assessing the impact of vulnerabilities