的memcpy()在安全编程? [英] Memcpy() in secure programming?
问题描述
我最近偶然发现,声称微软的一篇文章是禁止在其安全程序商店的memcpy()功能。我明白在函数中固有的漏洞,但是否有必要完全禁止使用?
I recently stumbled across an article that claims Microsoft is banning the memcpy() function in its secure programming shops. I understand the vulnerabilities inherent in the function, but is it necessary to ban its use entirely?
如果程序我写来避免的memcpy()完全,或者只是确保它的安全使用?什么替代品存在提供类似但更安全functionalilty?
Should programs I write be avoiding memcpy() entirely, or just ensuring that it's used safely? What alternatives exist that provide similar but safer functionalilty?
推荐答案
Microsoft提供替代来memcpy和wmemcpy了验证其参数。
Microsoft provides alternatives to memcpy and wmemcpy that validate their parameters.
memcpy_s说,嗯,之前我从这个地址读,让我验证自己这是不是一个空指针;而之前,我写这个地址,我会再次执行测试,我也将比较数字。字节我已要求复制到目标的要求大小;当且仅当呼叫通过所有这些测试应我执行复制
memcpy_s says, "Hmm, before I read from this address, let me verify for myself that it is not a null pointer; and before I write to this address, I shall perform that test again. I shall also compare the number of bytes I have been requested to copy to the claimed size of the destination; if and only if the call passes all these tests shall I perform the copy."
的memcpy说东西目的地到寄存器,东东源到寄存器,东东计数到寄存器,执行MOVSB或MOVSW。 (例如在地球村,活不长了世界: HTTP:// WWW。 geocities.com/siliconvalley/park/3230/x86asm/asml1013.html )
memcpy says "Stuff the destination into a register, stuff the source into a register, stuff the count into a register, perform MOVSB or MOVSW." (Example on geocities, not long for this world: http://www.geocities.com/siliconvalley/park/3230/x86asm/asml1013.html)
编辑:对于的野生一个例子的您的愿望就是我的命令的方法memcpy的,考虑OpenSolaris的,其中的memcpy是(对于某些配置)的在BCOPY 定义的,而<一HREF =http://cvs.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/cmd/vi/port/bcopy.c相对=nofollow> BCOPY (为某些配置)是...
For an example in the wild of the Your Wish Is My Command approach to memcpy, consider OpenSolaris, where memcpy is (for some configurations) defined in terms of bcopy, and bcopy (for some configurations) is ...
void
33 bcopy(from, to, count)
34 #ifdef vax
35 unsigned char *from, *to;
36 int count;
37 {
38
39 asm(" movc3 12(ap),*4(ap),*8(ap)");
40 }
41 #else
42 #ifdef u3b /* movblkb only works with register args */
43 unsigned char *from, *to;
44 int count;
45 {
46 asm(" movblkb %r6, %r8, %r7");
47 }
48 #else
49 unsigned char *from, *to;
50 int count;
51 {
52 while ((count--) > 0)
53 *to++ = *from++;
54 }
55 #endif
编辑:谢谢,史密斯米莉!这里是什么是地球村页面我上面链接上:
Thanks, Millie Smith! Here is what was on the geocities page I linked above:
MOVS
该指令MOVS用于源字符串复制到目标(是的,复制,不动)。该指令有两个变种:MOVSB和MOVSW。该MOVSB(动串字节),每次移动一个字节,而MOVSW每次移动两个字节。
The instruction movs is used to copy source string into the destination (yes, copy, not move). This instruction has two variants: movsb and movsw. The movsb ("move string byte") moves one byte at a time, whereas movsw moves two bytes at a time.
由于我们想一次移动几个字节,这些MOVS指令在使用Rep preFIX批次完成。运动的数目由CX寄存器指定。请参见下面的例子:
Since we'd like to move several bytes at a time, these movs instructions are done in batches using rep prefix. The number of movements is specified by CX register. See the example below:
:
lds si, [src]
les di, [dest]
cld
mov cx, 100
rep movsb
:
这个例子从SRC 100字节复制到dest中。如果用MOVSW替换MOVSB,复制200个字节来代替。如果删除代表preFIX时,CX寄存器将没有任何效果。您会移动一个字节(如果它是MOVSB,或者2个字节,如果它是MOVSW)
This example will copy 100 bytes from src to dest. If you replace movsb with movsw, you copy 200 bytes instead. If you remove the rep prefix, the CX register will have no effect. You will move one byte (if it is movsb, or 2 bytes if it is movsw).
这篇关于的memcpy()在安全编程?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
