Vulnerability Code

Category: Science and Technology

Date Submitted: 11/15/2013 12:08 PM

Melissa Townsend

February 27, 2013

Secure Software Engineering

CSC453 Assignment 1

I have browsed through the collection of code examples in NIST’s SAMATE database to determine which vulnerable code I should choose. What do I mean by code being vulnerable? Vulnerable code contains a section that could be a bug or cause a glitch; in other words, a weakness which can allow an attacker to reduce a system’s information assurance.

I have chosen Test Case ID 72, a C++ program that deals with dynamic memory. The program asks the user how many numbers they would like to enter. The user then enters the set of numbers, and the program prints back the set of numbers that the user has just entered. The problem with this code is that if a user enters a long number, an issue occurs: the program is able to run, but it will display a series of numbers that were not entered by the user.

There were flaws discovered within this code. An error occurs when a number of more than 10 digits is entered. With char (buffer), statically-sized arrays can be overflowed: perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. With atoi and atol (both return integers), unless checked, the resulting number can exceed the expected range. If the source is not trusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative numbers; consider saving to an unsigned value if that is intended).
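
The bounds and range checks recommended above, as an added C++ example (not the SAMATE test case and not part of the original essay). The 12-byte buffer, the 1..100 limit and the function names are assumptions made for illustration.

```cpp
#include <cerrno>
#include <cstdlib>
#include <istream>
#include <limits>
#include <sstream>

// Read one line into a fixed buffer. The limit given to getline() is the real
// array size, so nothing is written past its end. False = too long or EOF.
bool read_line_bounded(std::istream& in, char* buf, std::streamsize size) {
    in.getline(buf, size);
    if (!in.fail()) return true;
    if (!in.eof() && !in.bad()) {   // failbit alone: the line did not fit
        in.clear();
        in.ignore(std::numeric_limits<std::streamsize>::max(), '\n');
    }
    return false;
}

// Accept text only if all of it is a number inside [lo, hi]. strtol reports
// overflow through errno, which atoi()/atol() cannot do.
bool parse_bounded(const char* text, long lo, long hi, long& out) {
    errno = 0;
    char* end = nullptr;
    long value = std::strtol(text, &end, 10);
    if (end == text || *end != '\0') return false;  // no digits, or trailing junk
    if (errno == ERANGE) return false;              // does not fit in a long
    if (value < lo || value > hi) return false;     // check minimum and maximum
    out = value;
    return true;
}

// Constructed limits for this example: 12-byte buffer, count between 1 and 100.
bool read_count(std::istream& in, long& count) {
    char input[12];
    return read_line_bounded(in, input, sizeof input) &&
           parse_bounded(input, 1, 100, count);
}

int main() {
    // Constructed sample input: valid, 20 digits, negative, valid.
    std::istringstream sample("5\n99999999999999999999\n-3\n42\n");
    long n = 0;
    int accepted = 0;
    for (int i = 0; i < 4; ++i) if (read_count(sample, n)) ++accepted;
    return accepted == 2 ? 0 : 1;
}
```
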

I have come to the conclusion that when cin.getline(input, 100); is executed and the input exceeds the actual length of the array, part of the input is stored in an illegal memory address. After compiling the code, it runs with no errors, and this is very dangerous. This error produces a software bug, making it easy for an attacker to misuse an application. If there are other procedures used in the...