Tuesday, December 15, 2009

Chapter 19. SDL Banned Function Calls

In this chapter:

The Banned APIs
Why the "n" Functions Are Banned
Important Caveat
Choosing StrSafe vs. Safe CRT
Using StrSafe
Using Safe CRT
Other Replacements
Tools Support
ROI and Cost Impact
Metrics and Goals


When the C runtime library (CRT) was first created about 25 years ago, the threats to computers were different: machines were not as interconnected as they are today, and attacks were not as prevalent. With this in mind, a subset of the C runtime library must be deprecated for new code and, over time, removed from earlier code. It is simply too easy to get code wrong when it uses these outdated functions, and even some of the classic replacement functions are prone to error.


Following is a partial list of Microsoft security bulletins that could have been prevented if the banned application programming interfaces (APIs) that led to the security bug had been removed from the code:


Microsoft Bulletin Number   Product and Code               Function
MS02-039                    Microsoft SQL Server 2000      sprintf
MS05-010                    License Server                 lstrcpy
MS04-011                    Microsoft Windows (DCPromo)    wvsprintf
MS04-011                    Windows (MSGina)               lstrcpy
MS04-031                    Windows (NetDDE)               wcscat
MS03-045                    Windows (USER)                 wcscpy



You can get more info on these security bulletins at http://www.microsoft.com/technet/security/current.aspx. Note that many other software vendors and projects have had similar vulnerabilities.
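The following is an added example, not code from the book or from Microsoft. It contrasts the unbounded-write pattern behind the bulletins in the table (sprintf into a fixed-size buffer, with no knowledge of the buffer's length) with a bounded replacement whose contract mirrors what the chapter's StrSafe and Safe CRT sections describe: the caller passes the destination size, the result is always NUL-terminated, and an oversized input is reported as a failure instead of written past the end of the buffer. The safe_copy and safe_cat helpers, the GREETING_MAX size and the sample names are constructed for this example; they are portable stand-ins, not the StrSafe or Safe CRT functions themselves.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not code from the book or from Microsoft. The safe_*
 * helpers below are portable stand-ins for the StrSafe / Safe CRT idea
 * (size-aware copy and concatenate, always terminated, failure reported). */

#define GREETING_MAX 16   /* constructed buffer size for the demo */

/* Banned pattern: sprintf knows nothing about the size of dst, so a user
 * name of 9 or more characters overruns a 16-byte buffer. Shown for
 * contrast only; main() never calls it. */
int build_greeting_unsafe(char *dst, const char *user)
{
    return sprintf(dst, "Hello, %s", user);
}

/* Copy src into dst[dstsize]. Returns 0 on success, -1 if src plus its
 * terminator does not fit; on failure dst receives as much of src as fits
 * and is still NUL-terminated, so the caller can never read past the end. */
int safe_copy(char *dst, size_t dstsize, const char *src)
{
    size_t n;

    if (dstsize == 0)
        return -1;                 /* nothing can be written safely */
    n = strlen(src);
    if (n >= dstsize) {            /* no room for src and the NUL */
        memcpy(dst, src, dstsize - 1);
        dst[dstsize - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);       /* includes the terminator */
    return 0;
}

/* Append src to the string already in dst[dstsize], same contract as
 * safe_copy. Refuses to operate if dst is not terminated inside the buffer,
 * because then the "current length" cannot be trusted. */
int safe_cat(char *dst, size_t dstsize, const char *src)
{
    const char *end = memchr(dst, '\0', dstsize);
    size_t used;

    if (end == NULL)
        return -1;
    used = (size_t)(end - dst);
    return safe_copy(dst + used, dstsize - used, src);
}

/* Replacement for build_greeting_unsafe: the caller passes the buffer size,
 * and an oversized name yields -1 plus a truncated, terminated string rather
 * than a write past the end of dst. */
int build_greeting_safe(char *dst, size_t dstsize, const char *user)
{
    if (safe_copy(dst, dstsize, "Hello, ") != 0)
        return -1;
    return safe_cat(dst, dstsize, user);
}

int main(void)
{
    char buf[GREETING_MAX];
    int rc;

    /* "Bob" fits: 7 + 3 + 1 = 11 bytes <= 16 */
    rc = build_greeting_safe(buf, sizeof buf, "Bob");
    printf("%d -> \"%s\"\n", rc, buf);

    /* "Bartholomew" does not: 7 + 11 + 1 = 19 bytes > 16. The result is
     * truncated to 15 characters and -1 is returned; nothing past buf[15]
     * is written. The sprintf version would overrun the buffer here. */
    rc = build_greeting_safe(buf, sizeof buf, "Bartholomew");
    printf("%d -> \"%s\"\n", rc, buf);
    return 0;
}
```

The design point is the one the chapter builds on: the destination size travels with the pointer, and the failure case is an explicit return value the caller must check, not silent memory corruption. StrSafe's StringCchCopy and StringCchCat follow the same shape, returning an error HRESULT when the buffer is too small.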