Berkeley COMPSCI 161 - Software Security - D807888

Home> Schools> University of California, Berkeley> Computer Science (COMPSCI) > COMPSCI 161> Software Security

DOC PREVIEW

Berkeley COMPSCI 161 - Software Security

School name University of California, Berkeley

Course Compsci 161- Computer Security

Pages 42

This preview shows page 1-2-3-20-21-40-41-42 out of 42 pages.

Save

View full document

Premium Document

Do you want full access? Go Premium and unlock all 42 pages.

Access to all documents

Download any document

Ad free experience

Subscribe for instant access Get instant access

Unformatted text preview:

Software Security Defenses Principles CS 161 Computer Security Prof Vern Paxson TAs Devdatta Akhawe Mobin Javed Matthias Vallentin http inst eecs berkeley edu cs161 January 25 2011 Testing for Software Security Issues What makes testing a program for security problems difficult We need to test for the absence of something Security is a negative property nothing bad happens even in really unusual circumstances Normal inputs rarely stress security vulnerable code How can we test more thoroughly Random inputs fuzz testing Mutation Spec driven How do we tell when we ve found a problem Crash or other deviant behavior How do we tell that we ve tested enough Hard but code coverage tools can help Testing for Software Security Issues What makes testing a program for security problems difficult We need to test for the absence of something Security is a negative property nothing bad happens even in really unusual circumstances Normal inputs rarely stress security vulnerable code How can we test more thoroughly Random inputs fuzz testing Mutation Spec driven How do we tell when we ve found a problem Crash or other deviant behavior How do we tell that we ve tested enough Hard but code coverage tools can help Testing for Software Security Issues What makes testing a program for security problems difficult We need to test for the absence of something Security is a negative property nothing bad happens even in really unusual circumstances Normal inputs rarely stress security vulnerable code How can we test more thoroughly Random inputs fuzz testing Mutation Spec driven How do we tell when we ve found a problem Crash or other deviant behavior enable expensive checks How do we tell that we ve tested enough Hard but code coverage tools can help int deref int p return p requires p NULL and p a valid pointer int deref int p return p int sum int a size t n int total 0 for size t i 0 i n i total a i return total requires a NULL size a n int sum int a size t n int total 0 for size t i 0 i n i total a i return total requires a NULL size a n int sum int a size t n int total 0 for size t i 0 i n i total a i return total requires a NULL size a n int sum int a size t n int total 0 for size t i 0 i n i 0 i i n n size a total a i return total int sumderef int a size t n int total 0 for size t i 0 i n i total a i return total requires a NULL size a n int sumderef int a size t n int total 0 for size t i 0 i n i total a i return total requires a NULL size a n for all j in 0 n 1 a j NULL int sumderef int a size t n int total 0 for size t i 0 i n i total a i return total void mymalloc size t n void p malloc n if p perror malloc exit 1 return p ensures retval NULL void mymalloc size t n void p malloc n if p perror malloc exit 1 return p char tbl N int hash char s int h 17 while s h 257 h s 3 return h N bool search char s int i hash s return tbl i strcmp tbl i s 0 char tbl N ensures 0 retval retval N int hash char s int h 17 while s h 257 h s 3 return h N bool search char s int i hash s return tbl i strcmp tbl i s 0 char tbl N ensures 0 retval retval N int hash char s int h 17 0 h while s h 257 h s 3 return h N bool search char s int i hash s return tbl i strcmp tbl i s 0 char tbl N ensures 0 retval retval N int hash char s int h 17 0 h while s 0 h h 257 h s 3 return h N bool search char s int i hash s return tbl i strcmp tbl i s 0 char tbl N ensures 0 retval retval N int hash char s int h 17 0 while s 0 h 257 h s 3 0 return h N h h h bool search char s int i hash s return tbl i strcmp tbl i s 0 char tbl N ensures 0 retval retval N int hash char s int h 17 0 while s 0 h 257 h s 3 0 return h N 0 retval N h h h bool search char s int i hash s return tbl i strcmp tbl i s 0 char tbl N ensures 0 retval retval N int hash char s int h 17 0 while s 0 h 257 h s 3 0 return h N 0 retval N h h h bool search char s int i hash s return tbl i strcmp tbl i s 0 char tbl N ensures 0 retval retval N int hash char s int h 17 0 while s 0 h 257 h s 3 0 return h N 0 retval N h h h bool search char s int i hash s return tbl i strcmp tbl i s 0 char tbl N ensures 0 retval retval N int hash char s int h 17 0 while s 0 h 257 h s 3 0 return h N 0 retval N h h h bool search char s int i hash s return tbl i strcmp tbl i s 0 Fix char tbl N ensures 0 retval retval N unsigned int hash char s unsigned int h 17 0 while s 0 h 257 h s 3 0 return h N 0 retval N h h h bool search char s unsigned int i hash s return tbl i strcmp tbl i s 0 5 Minute Break Questions Before We Proceed TL 15 TL 30 TRTL 30 TXTL 60 Security is economics This program can delete any le you can This program can delete any le you can Least privilege Soda Hall wiring closet Use fail safe defaults

View Full Document