We recommend that you check this list often to make sure you are not making any of these in your code. This list is sorted in the order of importance from top to bottom.
1. Buffer Overflow
Buffer Overflow occurs when data is written into a buffer past its end. It may arise due to faulty calculations of the write position. Or continuous writing into a buffer without checking the length. Whatever the reason, this error is one of the most common and has resulted in major exploits. Some of these include the Morris Internet Worm in 1988, W32/Nimda worm in 2001, and Sendmail error in 2003.
A C Example:
char array = "hello"; strcat(array, ", joe"); /* <- This line causes a buffer overflow. */
2. SQL Injection
SQL Injection is a techique for injecting SQL commands into user input such that these commands are directly executed by the database. This allows the attacker to perform malicious acts such deleting tables, dropping databases, stealing data and much more.
A key cause of SQL Injection attacks succeeding is that the application software that processes user input performs insufficient checks and validation on the input before passing it to the database for execution.
A Java Example:
// The following is a parameter value with SQL injection String username = "joe'; delete from user where username like '%"; Connection con = ...; // create connection to database // When this statement is executed, all users are deleted from the database. con.createStatement().execute("update user set logged_in = 1 where username = '" + username + "'");
3. OS Command Injection
OS Command Injection arises when user-specified input is directly handed over to the operating system for exection by the application without proper vetting. Such an operation might be used by an application to use an existing command on the OS. When the application passes user input without properly validating it, it paves the way for an attacker to use clever constructs to execute malicious commands. These commands can be, for example, to delete files, steal data, alter permissions on files, and more.
4. Integer Overflow or Wraparound
An Integer Overflow error occurs when you attempt to store a larger value into an integral type than will fit. When this happens, the larger value is truncated and the operation ends up storing an unpredictable result. For example, a 2-byte unsigned short can store a maximum value of 65535. Now, imagine adding two short values such as 65530 and 10 and storing the result in a short. The result (65545) will not fit in a short, leaving some unpredictable value in the target short as a result of truncation. When subsequently using this value in another operation (such as an array index), you will end up with unpredictable results.
A C Example:
short a = 65530, b = 10; short c = a + b; // on my computer, c has the unexpected value: 4
5. Improper Validation of an Array Index
Another very common error encountered in software is Improper Validation of an Array Index. It arises when accessing an array using an index that lies outside the bounds of the array. When you access a location outside the program’s valid data boundaries, you end up with a memory access error (also known as a segmentation violation). When the memory location lies within the data bounds but outside of the array, you are looking at memory corruption when you write to such locations.
6. Allocate Resources Without Limits
Memory allocation is very common in C and C++ since all memory management in these languages is manual. Allocating memory without proper validation of the size being allocated can cause the allocation to fail. When the result of this allocation is not checked but used directly, you have a recipe for disaster.
Another possibility of this error arising is to create other resources such as file handles or connection handles without proper checking. Not properly closing these resources when you are done using them is the most common way that these resource limits are reached.
7. Expired Pointer Dereference
In languages such as C and C++, memory can be freed once you are done with it. Using a pointer to this block of memory that has already been freed is an error. This type of error has also been in the news due to major outages, so you would do well to verify that this kind of error does not happen in your code.
8. Null Pointer Dereference
A pointer may have a null value before it is properly initialized (or after the memory is freed). Dereferencing such a pointer causes a null pointer error (called NullPointerException in Java). It is very common in C, C++ as well as Java, and definitely possible in other languages too. You should take sufficient care in your code to avoid this kind of error.
9. Missing Initialization
Local variables are those which are declared within a function (or a block) and cease to exist at the end of the function. These variables are allocated on the stack and will have random garbage when they are first declared. As a programmer it is your duty to assign a suitable value to these variables as soon as they are declared. Using them before such initialization results in the Missing Initialization error and will most definitely end in a crash (or something more devastating).
A C Example:
int pos; char buffer = "hello world"; // this line may print garbage and/or may crash the program since pos is not initialized. printf("Value of character at pos %d is: %c\n", pos, buffer[pos]);
10. Broken or Risky Cryptographic Algorithm
The world of cryptography is constantly evolving. What is acceptable today may no longer be acceptable tomorrow. This might be due to the increasing power of computers where computing tasks which are deemed to take years today might take minutes tomorrow. Or someone finds a new way to crack a particular algorithm which renders that algorithm useless. So you need to constantly keep abeast of developments in cryptography and update your code (if it is still in use) if vulnerabilities and hacks are discovered in the algorithms you use.
For example, SHA-1, which is a hashing algorithm, is no longer recommended for computing hashes. In 2005, attacks were discovered against this algorithm, and SHA-2 or SHA-3 are recommended. So if your code uses SHA-1 at any point, you will need to replace it with the recommended one if the software is still being used. Otherwise you run the risk that your application is open to attack.
We have covered a few of the most common programming and coding errors in this article. You can refer to this list often to make sure you are avoiding them.
Have you come across these or other errors which might lead to a large-scale hack of your website or application? Let us know in the comments below.
Image Credit: ajfile/Depositphotos