flat assembler
Message board for the users of flat assembler.

BANNED: memcpy(), CopyMemory(), and RtlCopyMemory()

revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
Microsoft plans to formally banish the popular programming function that's been responsible for an untold number of security vulnerabilities over the years, not just in Windows but in countless other applications based on the C language. Effective later this year, Microsoft will add memcpy(), CopyMemory(), and RtlCopyMemory() to its list of function calls banned under its secure development lifecycle.
And here is a list of other banned function calls:

http://msdn.microsoft.com/en-us/library/bb288454.aspx
Post 20 May 2009, 12:44
pete



Joined: 20 Apr 2009
Posts: 110
pete
Quote:

Some Microsoft security bulletins would not have been necessary if banned APIs had not been used.


Well, for me there's only one function that I'll miss, but I found a replacement on this board some weeks earlier: wsprintf. Does one care about the banned functions (as an ASM programmer)?
Post 20 May 2009, 12:58
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
WTF? How are they going to copy blocks of memory now?
Post 20 May 2009, 13:13
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
vid: Look at the second link I posted. It has the alternate APIs.
Post 20 May 2009, 14:52
pal



Joined: 26 Aug 2008
Posts: 227
pal
Hmm, are you sure this is going to happen (soon anyway)?

http://msdn.microsoft.com/en-us/library/bb288454.aspx wrote:

March 2007

Note: This paper is derived from the book The Security Development Lifecycle, by Michael Howard and Steve Lipner, Microsoft Press, 2006


Seems a bit old; two years.
Post 20 May 2009, 15:20
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
Post 20 May 2009, 16:01
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
This made me laugh:
Quote:
Simply replacing a banned function call with a better replacement does not guarantee that the code is secure. It's possible to misuse the replacement function, most commonly by getting the destination buffer size wrong.
Post 20 May 2009, 16:07
pal



Joined: 26 Aug 2008
Posts: 227
pal
Ahh OK, I guess that they have been planning it for some time then.
Post 20 May 2009, 16:20
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7724
Location: Kraków, Poland
Tomasz Grysztar
vid wrote:
WTF? How are they going to copy blocks of memory now?
I thought you would actually support this idea, knowing how much you are into pointing out the laziness in error checking. strcpy_s may help to discipline the programmers, at least a little bit.
Well, the lazy programmer may still try to put some huge value as destination buffer size just to make things work and forget about it... *sigh*
Post 20 May 2009, 19:03
bitshifter



Joined: 04 Dec 2007
Posts: 764
Location: Massachusetts, USA
bitshifter
No big deal unless you are coding high security industry apps.
I am guilty myself for leaving these holes in my programs.
If someone wants to get inside they eventually will crack it.
At least it will help make buffer overflows a bit more difficult.

_________________
Coding a 3D game engine with fasm is like trying to eat an elephant,
you just have to keep focused and take it one 'byte' at a time.
Post 20 May 2009, 19:20
r22



Joined: 27 Dec 2004
Posts: 805
r22
Precious CPU cycles are melting away!

Useless code to be executed ad nauseam
Code:
MOV reg,[DST_LENGTH]
CMP reg,[SRC_LENGTH]
JB .DONT_WORRY_MICROSOFT_WUVS_YOU
    
Post 20 May 2009, 19:31
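Added example, not part of any post in this thread: a C sketch of the destination-size check that r22's snippet performs and that Tomasz Grysztar's remark about a wrong destination size refers to. `checked_copy` is a hypothetical stand-in, not Microsoft's memcpy_s, and the 16-byte record layout and the input are constructed for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not the real memcpy_s: copies only if the caller's
 * stated destination size holds `count` bytes, else zeroes the destination. */
static int checked_copy(void *dst, size_t dst_size, const void *src, size_t count)
{
    if (dst == NULL || src == NULL)
        return -1;
    if (count > dst_size) {
        memset(dst, 0, dst_size);
        return -1;
    }
    memcpy(dst, src, count);
    return 0;
}

/* Constructed layout: bytes 0..7 of a 16-byte record are the "name" field,
 * bytes 8..15 are a "role" field that a name copy must never touch. */
enum { NAME_SIZE = 8, ROLE_OFFSET = 8, RECORD_SIZE = 16, LONG_LEN = 12 };
static const char long_name[] = "0123456789AB"; /* constructed 12-byte input */

static void init_record(unsigned char *rec)
{
    memset(rec, 0, RECORD_SIZE);
    memcpy(rec + ROLE_OFFSET, "guest", 6);
}

/* Correct use: dst_size is the real size of the destination field. */
static int copy_name_correct(unsigned char *rec, const void *src, size_t n)
{ return checked_copy(rec, NAME_SIZE, src, n); }

/* Misuse: source length passed as destination size, so the check never fires.
 * The demo keeps n <= RECORD_SIZE so the write stays inside the record. */
static int copy_name_lazy(unsigned char *rec, const void *src, size_t n)
{ return checked_copy(rec, n, src, n); }

static int role_intact(const unsigned char *rec)
{ return memcmp(rec + ROLE_OFFSET, "guest", 6) == 0; }

int main(void)
{
    unsigned char rec[RECORD_SIZE];
    init_record(rec);
    int rc = copy_name_correct(rec, long_name, LONG_LEN);
    printf("correct size: rc=%d role_intact=%d\n", rc, role_intact(rec));
    init_record(rec);
    rc = copy_name_lazy(rec, long_name, LONG_LEN);
    printf("lazy size:    rc=%d role_intact=%d\n", rc, role_intact(rec));
    return 0;
}
```

With the real field size the oversized copy is refused and the neighbouring field is untouched; with the source length passed as the destination size the same call succeeds and overwrites it.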
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
revolution: the second link seems to only have functions that are already banned. But now I found the answer in the second link.

Tomasz: I support it fully for string functions, but memcpy()? I think this is a bit overkill, but I agree it is understandable in case of MS.
Post 20 May 2009, 21:29
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
This is the dumbest thing I've heard in a LOOOONG while :?

First I thought it was a prank, can't believe it's actually real. It makes as much sense as copying the function arguments twice "for consistency reasons" lololol.

_________________
Previously known as The_Grey_Beast
Post 21 May 2009, 23:50
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
I think they (MS) are realising that the programmers don't know how to properly use the function. So, rather than trying to change the programmers' habits, they thought it would be easier to change the function. And I suspect they are right, changing a programmer's habits can be very hard to do. Right tom? :P The extra parameter kind of encourages the programmer to think about the size of the destination. However, if a programmer decides to misuse it then of course this change will make no difference.
Post 22 May 2009, 00:29
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
I agree with revolution but I also wonder if MS is trying to protect people from themselves. They have enough issues. It's like banning loops or movs in asm 'cause they can run away without a proper counter. Stupid.

However, the C library has new functions for copying strings that require definition of the string length but no one has banned the old use.
Post 22 May 2009, 03:10
sinsi



Joined: 10 Aug 2007
Posts: 693
Location: Adelaide
sinsi
Quote:
Developers who want to be SDL compliant will instead have to replace memcpy() functions with memcpy_s

Not totally banned, just 'deprecated'.

Anyway, what do we care? I don't use any C library functions.
Post 22 May 2009, 03:51
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
CopyMemory is not a C function.
Post 23 May 2009, 22:57
bitRAKE



Joined: 21 Jul 2003
Posts: 2915
Location: [RSP+8*5]
bitRAKE
My processor has REP MOVSB, so I use it where needed and memory sections are known not to overlap.

Copying massive blocks of memory has never been an algorithmically sound practice. Imagine an editor which completely copied the text every time a character was inserted/deleted - bad design unless the maximum number of characters is fairly small.

MS's approach is the exact opposite of education and supports the dumbing down of the programmer - just a sick hierarchy of protocols with all the wrong reasons.
Post 23 May 2009, 23:18
pelaillo
Missing in inaction


Joined: 19 Jun 2003
Posts: 878
Location: Colombia
pelaillo
Quote:

MS's approach is the exact opposite of education and supports the dumbing down of the programmer

They already succeed in dumbing down the computer users.
Post 26 May 2009, 18:03
comrade



Joined: 16 Jun 2003
Posts: 1137
Location: Russian Federation
comrade
That's bad? Take a look at Apple kicking their ass.
Post 27 May 2009, 07:42
Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.