Usage of Secure C (memcpy_s, strcpy_s etc) functions on OpenSSL


Usage of Secure C (memcpy_s, strcpy_s etc) functions on OpenSSL

Raja ashok

Hi All,

We are using OpenSSL in our projects and we found that some of the C standard functions (like memcpy, strcpy) used in OpenSSL may induce security vulnerabilities like buffer overflow. Currently we have not found any instances that cause such issues.

But we feel it is better to change these calls to the C11 standard's secure functions like memcpy_s, strcpy_s etc., by defining a secure-calls method (a list of function pointers) and allowing the application to register the method. I understand that this affects performance because of the return value check added for xxxx_s calls, but this will make sure it removes buffer overflow kinds of issues completely from the code. And also, currently using secure C calls is a general industry practice.

Please share your opinion on it, and whether any discussion has happened in the OpenSSL community to do this change in future.

Thanks in advance.

Raja Ashok


Re: Usage of Secure C (memcpy_s, strcpy_s etc) functions on OpenSSL

Libor Chocholaty

Hello,

these _s functions are not so much safer than the standard ones. Using them makes just MSVC happy.

Regards,
Libor




Re: Usage of Secure C (memcpy_s, strcpy_s etc) functions on OpenSSL

Matthias St. Pierre
In reply to this post by Raja ashok
Hello Raja,

according to our policy, the OpenSSL C source code needs to conform to ISO C90, which makes it
impossible to adopt C11 features.


                 Chapter 20:  Portability

To maximise portability the version of C defined in ISO/IEC 9899:1990
should be used. This is more commonly referred to as C90. ISO/IEC 9899:1999
(also known as C99) is not supported on some platforms that OpenSSL is
used on and therefore should be avoided.

(see https://www.openssl.org/policies/codingstyle.html)


Matthias


On 26.11.19 12:07, Raja ashok wrote:

>
> Hi All,
>
> We are using OpenSSL in our projects and we found that some of the C standard functions (like memcpy, strcpy) used in OpenSSL may induce security vulnerabilities like buffer overflow. Currently we have not found any instances that cause such issues.
>
> But we feel it is better to change these calls to the C11 standard's secure functions like memcpy_s, strcpy_s etc., by defining a secure-calls method (a list of function pointers) and allowing the application to register the method. I understand that this affects performance because of the return value check added for xxxx_s calls, but this will make sure it removes buffer overflow kinds of issues completely from the code. And also, currently using secure C calls is a general industry practice.
>
> Please share your opinion on it, and whether any discussion has happened in the OpenSSL community to do this change in future.
>
> Thanks in advance.
>
> Raja Ashok
>
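For readers following the thread: the runtime checks that the C11 Annex K `memcpy_s` / `strcpy_s` functions perform (destination size versus requested length, NULL pointers, overlapping regions, clearing the destination on failure) can be written in plain ISO C90, which is what the coding-style policy Matthias quotes requires. The block below is an added illustration of exactly that and is not OpenSSL code or anything proposed in the thread; the names `bounded_memcpy`, `bounded_strcpy` and the `BOUNDED_*` return codes are hypothetical. It also makes the limitation visible: the check is only as good as the `dmax` argument the caller supplies, so a wrong size argument is still a wrong size argument.

```c
/*
 * Added illustration (not OpenSSL code): the constraint checks of the C11
 * Annex K memcpy_s / strcpy_s functions, written in ISO C90 style so they
 * would fit the portability policy quoted above. Function names and return
 * codes are hypothetical. Return 0 on success, non-zero on a constraint
 * violation; on violation the destination (if non-NULL) is cleared, which
 * mirrors the Annex K behaviour of not leaving stale bytes behind.
 */
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define BOUNDED_EINVAL   1  /* NULL pointer, or destination too small */
#define BOUNDED_EOVERLAP 2  /* source and destination regions overlap */

/* True if [a, a+alen) and [b, b+blen) share at least one byte. */
static int regions_overlap(const void *a, size_t alen, const void *b, size_t blen)
{
    const char *pa = (const char *)a;
    const char *pb = (const char *)b;
    return (pa < pb + blen) && (pb < pa + alen);
}

/* Copy n bytes into dst, which the caller asserts is dmax bytes long. */
int bounded_memcpy(void *dst, size_t dmax, const void *src, size_t n)
{
    if (dst == NULL)
        return BOUNDED_EINVAL;
    if (src == NULL || n > dmax) {
        memset(dst, 0, dmax);       /* the check trusts dmax, nothing else */
        return BOUNDED_EINVAL;
    }
    if (regions_overlap(dst, n, src, n)) {
        memset(dst, 0, dmax);
        return BOUNDED_EOVERLAP;
    }
    memcpy(dst, src, n);
    return 0;
}

/* Copy the NUL-terminated src into dst, which holds dmax bytes. */
int bounded_strcpy(char *dst, size_t dmax, const char *src)
{
    size_t len;

    if (dst == NULL || dmax == 0)
        return BOUNDED_EINVAL;
    if (src == NULL) {
        dst[0] = '\0';
        return BOUNDED_EINVAL;
    }
    len = strlen(src);
    if (len >= dmax) {              /* no room left for the terminator */
        dst[0] = '\0';
        return BOUNDED_EINVAL;
    }
    if (regions_overlap(dst, len + 1, src, len + 1)) {
        dst[0] = '\0';
        return BOUNDED_EOVERLAP;
    }
    memcpy(dst, src, len + 1);
    return 0;
}

int main(void)
{
    char small[8];
    char big[32];
    /* constructed sample input, longer than the small buffer */
    const char *msg = "this string is longer than 8 bytes";

    printf("memcpy, fits:     %d\n", bounded_memcpy(big, sizeof big, msg, 16));
    printf("memcpy, too long: %d\n", bounded_memcpy(small, sizeof small, msg, 16));
    printf("strcpy, fits:     %d\n", bounded_strcpy(big, sizeof big, "short"));
    printf("strcpy, too long: %d\n", bounded_strcpy(small, sizeof small, msg));
    printf("memcpy, overlap:  %d\n", bounded_memcpy(big, sizeof big, big + 4, 8));
    return 0;
}
```

The return code has to be checked at every call site, which is the performance and code-size cost Raja mentions; the protection comes entirely from the caller passing the true destination size, not from the `_s` suffix.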