Code audit
Encyclopedia
A software code audit is a comprehensive analysis of source code
Source code
In computer science, source code is text written using the format and syntax of the programming language that it is being written in. Such a language is specially designed to facilitate the work of computer programmers, who specify the actions to be performed by a computer mostly by writing source...

 in a programming project with the intent of discovering bugs, security breaches or violations of programming conventions. It is an integral part of the defensive programming
Defensive programming
Defensive programming is a form of defensive design intended to ensure the continuing function of a piece of software in spite of unforeseeable usage of said software. The idea can be viewed as reducing or eliminating the prospect of Murphy's Law having effect...

 paradigm, which attempts to reduce errors before the software is released. C and C++ source code is the most common code to be audited since many higher-level languages, such as Python, have fewer potentially vulnerable functions (e.g., functions that do not check bounds).

Guidelines

When auditing software, every critical component should be audited separately and together with the entire program. It is a good idea to search for high-risk vulnerabilities
Vulnerability (computing)
In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw...

 first and work down to low-risk vulnerabilities. Vulnerabilities in between high-risk and low-risk generally exist depending on the situation and how the source code in question is being used. Application penetration testing tries to identify vulnerabilities in software by launching as many known attack techniques as possible on likely access points in an attempt to bring down the application. This is a common auditing method and can be used to find out if any specific vulnerabilities exist, but not where they are in the source code.

High-risk vulnerabilities

Some common high-risk vulnerabilities may exist due to the use of:
  • Non-bounds-checking functions (e.g., strcpy, sprintf, vsprintf, and sscanf) that could lead to a buffer overflow
    Buffer overflow
    In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety....

     vulnerability
  • Pointer manipulation of buffers that may interfere with later bounds checking, e.g.: if ((bytesread = net_read(buf,len)) > 0) buf += bytesread;
  • Calls like execve, execution pipes, system and similar things, especially when called with non-static arguments
  • Input validation, e.g. (in SQL): statement := "SELECT * FROM users WHERE name = '" + userName + "';" is an example of a SQL injection
    SQL injection
    A SQL injection is often used to attack the security of a website by inputting SQL statements in a web form to get a badly designed website in order to dump the database content to the attacker. SQL injection is a code injection technique that exploits a security vulnerability in a website's software...

     vulnerability
  • File inclusion functions, e.g. (in PHP): include($page . '.php'); is an example of a Remote File Inclusion
    Remote File Inclusion
    Remote File Inclusion is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation...

     vulnerability

Low-risk vulnerabilities

The following is a list of low-risk vulnerabilities that should be found when auditing code, but do not produce a high risk situation.
  • Client-side code vulnerabilities that do not affect the server side (e.g., cross-site scripting
    Cross-site scripting
    Cross-site scripting is a type of computer security vulnerability typically found in Web applications that enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same...

    )
  • Username enumeration
  • Directory traversal (in Web applications)

Tools

Source code auditing tools generally look for common vulnerabilities and only work for specific programming languages. Such automated tools could be used to save time, but should not be relied on for an in-depth audit. Applying such tools as part of a policy-based approach is recommended.

See also

  • Information technology audit
    Information technology audit
    An information technology audit, or information systems audit, is an examination of the management controls within an Information technology infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating...

  • Defensive programming
    Defensive programming
    Defensive programming is a form of defensive design intended to ensure the continuing function of a piece of software in spite of unforeseeable usage of said software. The idea can be viewed as reducing or eliminating the prospect of Murphy's Law having effect...

  • Remote File Inclusion
    Remote File Inclusion
    Remote File Inclusion is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation...

  • SQL injection
    SQL injection
    A SQL injection is often used to attack the security of a website by inputting SQL statements in a web form to get a badly designed website in order to dump the database content to the attacker. SQL injection is a code injection technique that exploits a security vulnerability in a website's software...

  • Buffer overflow
    Buffer overflow
    In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety....

  • List of tools for static code analysis
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK