Difference between revisions of "Vulnerability"
Revision as of 14:07, 29 March 2006
Odamex is written in C++, and thus without due diligence could be under threat from the following vulnerabilities. We aim to resolve all known vulnerabilities very quickly, and this list is a record of lessons learned. If you find a vulnerability, please report it in bugs.
Buffer overruns & underruns
arrays
Be careful with general array indexing; off-by-one errors are the usual cause of overruns and underruns.
printf
printf and related functions (scanf, sscanf, fprintf, VPrintf, etc.) are widely used in the source. They are vulnerable to:
- insufficient target string parameter length (buffer overrun if exceeded)
- lack of source string termination (buffer overrun if exceeded)
- using source string as format string (bad memory access)
- incorrect format string for a source string (bad memory access)
Note that using a safer equivalent function will not solve all of these issues. Using snprintf, for example, only bounds the write to the target string; it does nothing about source string termination or misuse of the format string.
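As an added illustration of the four pitfalls above (this is a constructed example, not Odamex code; the function and buffer names are hypothetical), here is a bounded formatter for a network-supplied player name that addresses each of them, including a source that arrives without a terminating NUL:

```c
#include <stdio.h>
#include <string.h>

/* Bounded strlen: stops at max so an unterminated source buffer is
 * never read past its end (source termination pitfall). */
static size_t bounded_len(const char *s, size_t max)
{
    size_t i = 0;
    while (i < max && s[i] != '\0')
        i++;
    return i;
}

/* Copy a network-supplied player name into a fixed-size message.
 * Hypothetical helper, not Odamex code.
 *  - snprintf bounds the write to dstlen (target length pitfall)
 *  - "%.*s" with the bounded length caps how far src is read
 *  - the format string is a literal, never the player data
 *  - src is always formatted with %s, so the format matches the data
 * Returns the number of characters stored (excluding the NUL), or -1
 * on error. The result is always NUL-terminated when dstlen > 0. */
int format_join_message(char *dst, size_t dstlen,
                        const char *src, size_t srclen)
{
    if (dst == NULL || dstlen == 0 || src == NULL)
        return -1;
    size_t n = bounded_len(src, srclen);
    int wanted = snprintf(dst, dstlen, "%.*s joined the game", (int)n, src);
    if (wanted < 0) {
        dst[0] = '\0';
        return -1;
    }
    /* snprintf reports the length it wanted; the buffer holds at most
     * dstlen - 1 characters, so report what was actually stored. */
    if ((size_t)wanted >= dstlen)
        return (int)(dstlen - 1);
    return wanted;
}

int main(void)
{
    /* Constructed input: a name containing format directives, no NUL. */
    char raw[6] = {'%', 's', '%', 'n', 'B', 'o'};
    char msg[32];
    int len = format_join_message(msg, sizeof msg, raw, sizeof raw);
    printf("%d: %s\n", len, msg);   /* 22: %s%nBo joined the game */
    return 0;
}
```

The directives in the name are copied literally rather than interpreted, and an over-long name is truncated to fit rather than overrunning the message buffer.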
Resource exhaustion
memory allocation
A remote peer could keep sending requests that create objects until there is no RAM left.
bandwidth overflow
For some requests, a long reply is guaranteed. If those requests keep getting made, all the available bandwidth is taken up.
lockup
For example, a server could tell the client to use a negative time value in a calculation, creating an infinite loop.
High level logic
invalid references
All incoming references, ids, and other information from the network must be checked to make sure they are safe before they are used.