Archive for August, 2017

C’s strcpy_s(): C11’s More Secure Version of strcpy()

Thursday, August 31st, 2017 Michael Barr

Buffer overflows are a well-known port of entry for hackers and attackers of computerized systems. One of the easiest ways to create a buffer overflow weakness in a C program has long been to rely on the strcpy() function of the C standard library to overwrite data.

There’s a decent explanation of the problem at http://www.thegeekstuff.com/2013/06/buffer-overflow/. But the nutshell version is that you have a buffer of size X somewhere in memory that your code uses strcpy() to overwrite with new nul-terminated strings. If an attacker can somehow feed a string longer than X bytes to your function, then data beyond the bounds of the original array will be overwritten too, thereby rewriting code or data that serves some other purpose.

You should know that the new C11 update to the C programming language provides for a replacement “safe” version of this function, which is named strcpy_s(). The parameter lists and return types differ:

char *strcpy(char *strDestination, const char *strSource);

versus:

errno_t strcpy_s(char *strDestination, size_t numberOfElements, const char *strSource);

The new “numberOfElements” parameter is used by strcpy_s() to check that strSource is not bigger than the buffer. When there is a problem, an error code is returned.
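The bounds check described above, as an added example that is not from the original post. strcpy_s() belongs to C11's optional Annex K and many C libraries (glibc among them) do not provide it, so copy_checked() is a hypothetical stand-in with the same parameter order; struct session and set_name() are likewise illustrative names.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for strcpy_s(): same parameter order, returns 0 on
 * success and an errno value on failure (int used in place of errno_t). */
static int copy_checked(char *dest, size_t numberOfElements, const char *src)
{
    if (dest == NULL || numberOfElements == 0)
        return EINVAL;
    if (src == NULL) {
        dest[0] = '\0';
        return EINVAL;
    }
    for (size_t i = 0; i < numberOfElements; i++) {
        dest[i] = src[i];              /* i never reaches numberOfElements */
        if (src[i] == '\0')
            return 0;                  /* whole string, nul included, fit */
    }
    dest[0] = '\0';                    /* too long: leave a valid empty string */
    return ERANGE;
}

struct session {
    char name[8];                      /* the "buffer of size X" */
    int  is_admin;                     /* unrelated data stored next to it */
};

static int set_name(struct session *s, const char *input)
{
    /* strcpy(s->name, input) would write past name[] for any input of 8 or
     * more characters; the checked copy rejects that input instead. */
    return copy_checked(s->name, sizeof s->name, input);
}

int main(void)
{
    const char *inputs[] = { "alice", "AAAAAAAAAAAAAAAA" };  /* constructed */
    struct session s = { "", 0 };

    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int rc = set_name(&s, inputs[i]);
        printf("rc=%d name=\"%s\" is_admin=%d\n", rc, s.name, s.is_admin);
    }
    return 0;
}
```

The return value has to be checked by the caller: a rejected copy leaves an empty name, which the program must treat as an error rather than as valid input.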

The Microsoft Developer Network website is one source of additional detail on this and other of C11’s “safe” functions.

Did a Cyberattack Cause Recent Crashes of U.S. Naval Destroyers?

Wednesday, August 23rd, 2017 Michael Barr

Crashes involving naval vessels are rare events. Yet somehow two of the U.S. Navy’s guided-missile destroyers have crashed into other ships in as many months:

Might these deadly crashes share a common root cause? Both ships are part of the Seventh Fleet, which is headquartered in Yokosuka, Japan.

The word is that the second accident was caused by a “steering failure”.

As the public learned back in 1998, when another naval vessel had to be towed back to port after a software crash, this bit of critical American infrastructure was then dependent on navigational software that runs on Windows NT.

Are U.S. Navy ships still powered by a version of Microsoft Windows? And vulnerable to viruses? Could a single individual have smuggled a computer virus aboard both of these destroyers?

I’m no conspiracy theorist, but merely suggest that the possibility of a cyberattack at least be considered by those investigating if these crashes have a common root cause. It strikes me as likely that at least Russia, North Korea, and China would employ hackers to look for ways to weaken American naval power.