[CLUE-Tech] OT: C code security - what to look for?

Matt Gushee matt at gushee.net
Sat Aug 9 21:56:56 MDT 2003


Hi, all--

Well, this isn't strictly a Linux question, but since y'all are one of
the biggest and best pools of expertise I know, I hope you'll humor me
on this one.


BACKGROUND:

Several months ago I began developing what I hope will be a really cool
Web application. It's called ChartPak[1], and it generates charts (you
know, bar charts, pie charts, and so on) from arbitrary data sets.

However, I'm writing it in OCaml, which is maybe not a super-obscure
language, but not a very mainstream one either ... which means that
there are some gaps in the selection of available libraries. One of
those gaps, I discovered, is in the area of (*ahem*) graphics.

Uh-oh.

Well, there were a number of graphics libraries available, so the
problem wasn't obvious at first, but I looked at all of them, and it
turned out that none of them quite met my needs. One of the most
promising was a wrapper library for GD, but I found out that it was
very incomplete, and its author wasn't very interested in developing it
further.

Eventually I realized my options were 1) to continue what I had been
doing--that is, to cobble together some half-assed piece of crap using 2
or 3 of the existing graphics libraries; 2) to wait until somebody else
developed a good, modern library; 3) to give up; or ... 4) to dive in
and try to write a proper C wrapper to a good graphics library, despite
the fact that I'm not much of a C programmer (that's the polite way to
say it).


SO ANYWAY:

Here I am, the new maintainer of the OCaml interface to GD. Even though
I don't know what the hell I'm doing, with the help of the GD API docs
and the existing wrapper code, I've been able to make considerable
progress in a few days. So far so good. However ...

If I were working on the library for its own sake, I'd just let it
percolate through the community and let the Open Source process work its
magic. But I'm writing the library in order to be able to write an
application, and I'm writing the application to be able to sell (or use
as an aid to selling my services). And of course, since it's Web
software, I want a kick-ass online demo, and I want it soon (preferably
3 months ago ;-). So here's what I have to deal with:

In terms of functionality, the GD wrapper is just about where I need it
to be. But if I'm going to put this on my Web server, I need to be
reasonably sure there are no major security holes. So here are my
questions:

  1) What kinds of problems should I watch for? (I know about buffer
     overruns ... what else?)
  2) What kinds of coding errors cause those problems?
  3) What kinds of tools and procedures are most useful for evaluating
     the safety of my code?
  4) Can you recommend any good Web sites with survival-oriented
     documentation on C programming? Or, if there's no such thing,
     books (preferably ones that I could find at the library)?

Many thanks!

[1] In case you're interested, ChartPak is at
      http://havenrock.com/software/chartpak/

-- 
Matt Gushee                 When a nation follows the Way,
Englewood, Colorado, USA    Horses bear manure through
mgushee at havenrock.com           its fields;
http://www.havenrock.com/   When a nation ignores the Way,
                            Horses bear soldiers through
                                its streets.
                                
                            --Lao Tzu (Peter Merel, trans.)