logging in or signing up adam code review AscotEdu Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: Embed: Flash iPad Dynamic Copy Does not support media & animations Automatically changes to Flash or non-Flash embed WordPress Embed Customize Embed URL: Copy Thumbnail: Copy The presentation is successfully added In Your Favorites. Views: 775 Category: Product Traini.. License: All Rights Reserved Like it (0) Dislike it (0) Added: June 20, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Code Reviews in the Real World: Code Reviews in the Real World Adam Shostack firstname.lastname@example.org Overview: Overview Some Real World Experience Holding a review Focusing a review What to look for Training and Automation (Ewww) Software engineering Conclusions The Real World: The Real World Reviews can be done in a time to market driven organization Cover from 500-5000 lines of code in 2 hours Reviews do provide Security wins Reliability wins Holding a Review: Holding a Review Basic Meeting Management Have a goal. Have a moderator Distribute code in advance Bring paper copies Produce Minutes Holding a Review (2): Holding a Review (2) Advanced Meeting management Comfy chairs Munchies STOP after two hours Comments are directed at the code, not at the coder Targeting a Review: Targeting a Review Architectural Overview Startup Code User Interface Code Signals Logging Comments Architectural Overview: Architectural Overview Look at the design plan first Think about how to attack Userids, passwords, encryption User interaction What is exposed by security breach Startup Code: Startup Code Clean the environment Set it to something sane Check your location Check your permissions Parse your arguments carefully This blocks most buffer overflows User Interface Code: User Interface Code Limited number of inputs Expected Values of inputs Don’t look for malicious, look for safe Expect the unexpected Signals: Signals wu-ftpd bug Know how your program should handle signals Race conditions Core files Logging: Logging Do Log Use system log facilities Log unusual happenings '/usr/sbin/sendmail 12:30 PM: bozo invoked with argument -c \055\013\330…' Comments: Comments More than this, hopefully What to look for: What to look for Buffer Overflows Data Parsing Race Conditions Authentication/Authorization System() Self tests Buffer Overflows: Buffer Overflows Unbounded string functions Poor parsing of input Lead to Stack being smashed Return pointer shifts Attacker code runs locally Server or local code problem Race Conditions: Race Conditions Usually local file issues (setuid code) Open file A, get file B open without path /tmp links stat(file); open(file) vs fopen(file), fstat(fd) Lack of authentication/Authorization: Lack of authentication/Authorization Does the code do something where it should be handling access control? Web code is a good example Password to get in Password stored in URL (Referrer logs) Account # stored in a cookie without HMAC Data Parsing: Data Parsing Basic paranoia about environment buffer overflows, misconfigurations input: command line environment stdin file system (what does your program do under chroot?) System(): System() (and exec*p, exec*e, and popen) Environment path ;, andamp;andamp;, \n andamp;c Look for what you allow, deny all else. Evidence of Tools: Evidence of Tools Makefile gcc -wall andamp; perl -w Purify andamp; electric fence lint test cases or regression testing software Training and Automation: Training and Automation Size Revision Control Software Common Mistakes Software engineering sendmail Guidelines at http://www.homeport.org/~adam/review.html Conclusions: Conclusions Can do in a high pressure place Excellent investment of effort You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.