Secure Programming with Static Analysis

ISBN-10: 0321424778

ISBN-13: 9780321424778

Edition: 2008

Authors: Brian Chess, Jacob West, Gary McGraw

List price: $59.99

Description:

The First Expert Guide to Static Analysis for Software Security! Creating secure code requires more than just good intentions. Programmers need to know that their code will be safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine-toothed comb and uncover the kinds of errors that lead directly to security vulnerabilities. Now, there's a complete guide to static analysis: how it works, how to integrate it into the software development processes, and how to make the most of it during security code review. Static analysis experts Brian Chess and Jacob West look at the most common types of security…
Book details

Copyright year: 2008
Publisher: Addison Wesley Professional
Publication date: 6/29/2007
Binding: Mixed Media
Pages: 624
Size: 7.00" wide x 9.00" long x 1.25" tall
Weight: 1.936
Language: English

Software Security and Static Analysis
The Software Security Problem
Defensive Programming Is Not Enough
Security Features != Secure Features
The Quality Fallacy
Static Analysis in the Big Picture
Classifying Vulnerabilities
The Seven Pernicious Kingdoms
Summary
Introduction to Static Analysis
Capabilities and Limitations of Static Analysis
Solving Problems with Static Analysis
Type Checking
Style Checking
Program Understanding
Program Verification and Property Checking
Bug Finding
Security Review
A Little Theory, a Little Reality
Success Criteria
Analyzing the Source vs. Analyzing Compiled Code
Summary
Static Analysis as Part of the Code Review Process
Performing a Code Review
The Review Cycle
Steer Clear of the Exploitability Trap
Adding Security Review to an Existing Development Process
Adoption Anxiety
Start Small, Ratchet Up
Static Analysis Metrics
Summary
Static Analysis Internals
Building a Model
Lexical Analysis
Parsing
Abstract Syntax
Semantic Analysis
Tracking Control Flow
Tracking Dataflow
Taint Propagation
Pointer Aliasing
Analysis Algorithms
Checking Assertions
Naive Local Analysis
Approaches to Local Analysis
Global Analysis
Research Tools
Rules
Rule Formats
Rules for Taint Propagation
Rules in Print
Reporting Results
Grouping and Sorting Results
Eliminating Unwanted Results
Explaining the Significance of the Results
Summary
Pervasive Problems
Handling Input
What to Validate
Validate All Input
Validate Input from All Sources
Establish Trust Boundaries
How to Validate
Use Strong Input Validation
Avoid Blacklisting
Don't Mistake Usability for Security
Reject Bad Data
Make Good Input Validation the Default
Check Input Length
Bound Numeric Input
Preventing Metacharacter Vulnerabilities
Use Parameterized Requests
Path Manipulation
Command Injection
Log Forging
Summary
Buffer Overflow
Introduction to Buffer Overflow
Exploiting Buffer Overflow Vulnerabilities
Buffer Allocation Strategies
Tracking Buffer Sizes
Strings
Inherently Dangerous Functions
Bounded String Operations
Common Pitfalls with Bounded Functions
Maintaining the Null Terminator
Character Sets, Representations, and Encodings
Format Strings
Better String Classes and Libraries
Summary
Bride of Buffer Overflow
Integers
Wrap-Around Errors
Truncation and Sign Extension
Conversion between Signed and Unsigned
Methods to Detect and Prevent Integer Overflow
Runtime Protection
Safer Programming Languages
Safer C Dialects
Dynamic Buffer Overflow Protections
Dynamic Protection Benchmark Results
Summary
Errors and Exceptions
Handling Errors with Return Codes
Checking Return Values in C
Checking Return Values in Java
Managing Exceptions
Catch Everything at the Top Level
The Vanishing Exception
Catch Only What You're Prepared to Consume
Keep Checked Exceptions in Check
Preventing Resource Leaks
C and C++
Java
Logging and Debugging
Centralize Logging
Keep Debugging Aids and Back-Door Access Code out of Production
Clean Out Backup Files
Do Not Tolerate Easter Eggs
Summary
Features and Flavors
Web Applications
Input and Output Validation for the Web
Expect That the Browser Has Been Subverted
Assume That the Browser Is an Open Book
Protect the Browser from Malicious Content
HTTP Considerations
Use POST, Not GET
Request Ordering
Error Handling
Request Provenance
Maintaining Session State
Use Strong Session Identifiers
Enforce a Session Idle Timeout and a Maximum Session Lifetime
Begin a New Session upon Authentication
Using the Struts Framework for Input Validation
Setting Up the Struts Validator
Use the Struts Validator for All Actions
Validate Every Parameter
Maintain the Validation Logic
Summary
XML and Web Services
Working with XML
Use a Standards-Compliant XML Parser
Turn on Validation
Be Cautious about External References
Keep Control of Document Queries
Using Web Services
Input Validation
WSDL Worries
Over Exposure
New Opportunities for Old Errors
JavaScript Hijacking: A New Frontier
Summary
Privacy and Secrets
Privacy and Regulation
Identifying Private Information
Handling Private Information
Outbound Passwords
Keep Passwords out of Source Code
Don't Store Clear-Text Passwords
Random Numbers
Generating Random Numbers in Java
Generating Random Numbers in C and C++
Cryptography
Choose a Good Algorithm
Don't Roll Your Own
Secrets in Memory
Minimize Time Spent Holding Secrets
Share Secrets Sparingly
Erase Secrets Securely
Prevent Unnecessary Duplication of Secrets
Summary
Privileged Programs
Implications of Privilege
Principle of Least Privilege
This Time We Mean It: Distrust Everything
Managing Privilege
Putting Least Privilege into Practice
Restrict Privilege on the Filesystem
Beware of Unexpected Events
Privilege Escalation Attacks
File Access Race Conditions
Insecure Temporary Files
Command Injection
Standard File Descriptors
Summary
Static Analysis in Practice
Source Code Analysis Exercises for Java
Installation
Begin with the End in Mind
Auditing Source Code Manually
Running Fortify SCA
Understanding Raw Analysis Results
Analyzing a Full Application
Tuning Results with Audit Workbench
Auditing One Issue
Performing a Complete Audit
Writing Custom Rules
Answers to Questions in Exercise 13.2
Source Code Analysis Exercises for C
Installation
Begin with the End in Mind
Auditing Source Code Manually
Running Fortify SCA
Understanding Raw Analysis Results
Analyzing a Full Application
Tuning Results with Audit Workbench
Auditing One Issue
Performing a Complete Audit
Writing Custom Rules
Answers to Questions in Exercise 14.2
Epilogue
References
Index