Home / Topics / Software Security

Software Security

Study buffer overflows, malware types, vulnerabilities, and secure programming practices.

Introduction

Software Security involves writing code that is resistant to attacks. It differs from secure computing (using security tools) by focusing on making the software itself secure.

Software Vulnerabilities

Common Vulnerability Types

  • Unvalidated Input: Not checking user input before processing
  • Buffer Overflow: Writing beyond array boundaries
  • Integer Overflow: Arithmetic operations exceeding limits
  • Format String: Using user input in format functions
  • Race Conditions: Timing issues in concurrent code
  • SQL Injection: Injecting SQL through user input
  • XSS: Injecting scripts into web pages

Buffer Overflow

A buffer overflow occurs when data exceeds a buffer's boundaries and overwrites adjacent memory.

How It Works

  1. Program allocates fixed-size buffer
  2. Input exceeds buffer size
  3. Data overflows into adjacent memory
  4. Attacker can overwrite return addresses
  5. Execution can be redirected to malicious code
// Vulnerable code
void vulnerable_function(char *str) {
    char buffer[50];
    strcpy(buffer, str);  // No bounds checking!
}

// Attack: Pass string longer than 50 chars
// Overwrites return address, hijacking execution

Types of Buffer Overflow

  • Stack-based: Overflow on the stack
  • Heap-based: Overflow on the heap
  • Format String: Using printf-style functions improperly

Defenses

  • Stack Canaries: Detect overwrites before return
  • ASLR: Randomize memory addresses
  • DEP/NX: Mark memory as non-executable
  • Safe Functions: Use strncpy instead of strcpy

Malware Types

Type Description Examples
Virus Requires host file, spreads by infecting files CIH, Virut
Worm Self-replicating, spreads over networks Code Red, WannaCry
Trojan Masquerades as legitimate software Zeus, Emotet
Ransomware Encrypts files, demands payment WannaCry, NotPetya
Spyware Monitors activity, steals data CoolWebSearch
Rootkit Hides malicious code SubSeven, Rkit
Adware Displays unwanted ads DeskAd
Bot/Botnet Controlled remotely for attacks Mirai, Conficker

Secure Programming Practices

Input Validation

  • Validate all user input
  • Use allowlists (not blocklists)
  • Check type, length, format, range
  • Reject invalid, don't try to fix

Memory Safety

  • Use safe string functions (strncpy, snprintf)
  • Check array bounds
  • Avoid manual memory management where possible
  • Use modern languages (Rust, Go)

Least Privilege

  • Run with minimum necessary privileges
  • Drop privileges when not needed
  • Use sandboxing

Secure Development Lifecycle: Security should be considered from design to deployment. Use threat modeling, code reviews, and penetration testing.