What Heartbleed Should Teach Embedded Programmers

April 25, 2014
Find out what the OpenSSL Heartbleed bug should teach embedded programmers about security.

The Heartbleed bug has received a lot of press lately, but most of it addresses the breach, what information could be lost, and what problems that loss would cause. Few reports have covered the actual problem and its solution.

The Heartbleed bug occurs in the OpenSSL open-source code. Specifically, the fix can be found in the SSL support file d1_both.c. The memory safety problem occurred because the system uses a mix of C strings and Pascal-style buffer-size strings. In essence, it is a buffer underrun issue versus the more common buffer overrun bug.

The packets used with the SSL protocol employ sized strings. The code to process the packets was implemented in C. The trick was to request a large amount of data, up to 64 kbytes, while having a string that was significantly smaller placed in the buffer to be sent back to the initiator. The bug is that in this case the contents of the buffer can include information from previous communication that could include details like user names and passwords.

This means a single attack may return useless junk, but attacks can be performed repeatedly since they are processed as valid requests. There isn’t even a hint of a problem. An attacker eventually would get useful information, and additional programming would allow the responses to be scanned automatically.

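The patch that fixes the bug contains a number of changes, but the key one is shown here. It essentially ignores improperly formed requests such as those that could occur before: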

    /* Read type and payload length first */
    if (1 + 2 + 16 > s->s3->rrec.length)
        return 0; /* silently discard */
    hbtype = *p++;
    n2s(p, payload);
    if (1 + 2 + payload + 16 > s->s3->rrec.length)
        return 0; /* silently discard per RFC 6520 sec. 4 */

The rrec.length is the record length that should have been used. The second test checks the payload size, which is where an attacker would have lied about the buffer size required to retrieve more information.
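The two length checks above, applied in a self-contained responder, as an added example (not OpenSSL's code). The function `hb_respond`, its constants and the zeroed padding are assumptions made for illustration; `rec_len` plays the role of `rrec.length`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HB_REQUEST  1            /* heartbeat_request (RFC 6520) */
#define HB_RESPONSE 2            /* heartbeat_response (RFC 6520) */
#define HB_HDR      ((size_t)3)  /* 1-byte type + 2-byte payload length */
#define HB_MIN_PAD  ((size_t)16) /* minimum padding (RFC 6520) */

/* Hypothetical helper: answer one heartbeat request held in rec[0..rec_len).
 * rec_len is the number of bytes actually received (rrec.length in the patch).
 * Returns the response length, or 0 when the request is silently discarded. */
size_t hb_respond(const uint8_t *rec, size_t rec_len,
                  uint8_t *out, size_t out_cap)
{
    size_t payload, resp_len;

    /* Check 1: the record must hold type, length field and minimum padding. */
    if (HB_HDR + HB_MIN_PAD > rec_len)
        return 0;
    if (rec[0] != HB_REQUEST)
        return 0;
    payload = ((size_t)rec[1] << 8) | rec[2];   /* same job as n2s() */

    /* Check 2: the claimed payload must fit in the bytes that arrived. */
    if (HB_HDR + payload + HB_MIN_PAD > rec_len)
        return 0;

    resp_len = HB_HDR + payload + HB_MIN_PAD;
    if (resp_len > out_cap)
        return 0;
    memset(out, 0, resp_len);   /* simplification: zeroed, not random, padding */
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HDR, rec + HB_HDR, payload);  /* bounded by check 2 */
    return resp_len;
}

int main(void)
{
    /* Constructed record: claims 0xFFFF payload bytes but carries only 5. */
    uint8_t lie[3 + 5 + 16] = {HB_REQUEST, 0xFF, 0xFF, 'h', 'e', 'l', 'l', 'o'};
    uint8_t out[64];
    return hb_respond(lie, sizeof lie, out, sizeof out) == 0 ? 0 : 1;
}
```

Because the copy length is checked against the received record length rather than trusted from the request, a mismatched length field yields no response at all.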

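Interestingly, the response can have additional padding bytes at the end of the buffer. The code fills these bytes with random data. Unfortunately, if the response is smaller than the data size, the data between the actual response and the padding is not cleared.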

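This fix eliminates the flaw, but it is not the only way to address the problem. What is not shown is the malloc used to allocate the buffer. The C malloc does not clear the contents of a buffer before handing it to the application. This is faster but not secure. Some SSL implementations use a secure memory allocation scheme that zeros a buffer before it is used. Another alternative is to use a string copy operation that clears the trailing part of the buffer.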

This type of problem is not new. It does highlight the issue of security and data leaks. The program does not crash, and it otherwise operates properly. Detecting the bug is not easy from a programming perspective, although it was easy to fix. Static analysis tools and some programming languages like Ada and Java can address similar issues, but it still is up to the developer to follow good, security-related design practices.

New Priorities

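Safety and security are finally moving to the forefront for programmers. Justifying tools or languages that help address these issues, and that reduce bugs in general, is now more practical for many applications. Programmers may want to consider Java 8 (see “Java 8 Arrives” at electronicdesign.com) or Ada 2012 (see “Ada 2012: The Joy of Contracts” at electronicdesign.com).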

Static analysis tools may be a better alternative for C/C++ programmers if switching languages is not an option. Standards like MISRA C (see “New Version Of MISRA C: Why Should You Care?” at electronicdesign.com) can have a significant effect on the number of bugs. Even using secure memory allocation libraries can help.

Bugs will crop up regardless of how good the programmers or their tools are. The issue should be how to minimize the number of bugs and how to limit bad effects when they do occur. The choice of language, frameworks, runtime, and tools can help. So can programmer training. It is difficult to prevent problems if one does not know what those problems are or how to avoid them.
