Learn from this!
Posted Dec 3, 2003 9:58 UTC (Wed) by walles (subscriber, #954)
Parent article: The brk() vulnerability
What should be done now is:
Assume you have a perfect kernel with an unknown problem in brk(). Ask yourself, what security measures (other than finding the bug and fixing it) could prevent the bug from being exploited?
When you have a good answer, go implement it and this won't happen again.
Our local Windows guru says that MS has started using the following procedure when security problems are found in their sources:
1. Report the problem to a group making static code analysis tools.
2. That group is responsible for making a tool that can find the bug that was just fixed.
3. The static code analysis tool is run on the sources at regular intervals.
Linux has the Stanford checker and another Free tool of which I cannot currently remember the name, but I don't know if the feedback works as outlined above. And regardless of whether MS actually manages to implement the above procedure or not, the Linux community should.