
...

See recommendation MEM06-C. Ensure that sensitive data is not written out to disk.

When using a password, consider storing its hash instead of the plaintext. Use the hash for comparisons and other purposes. The following code [Viega 2001] illustrates this:

```c
#include <string.h>  /* strcmp */

/* read_password(), compute_checksum(), erase() and get_stored_checksum()
   are assumed to be provided by the application. */
int validate(char *username) {
  char *password;
  char *checksum;
  password = read_password();
  checksum = compute_checksum(password);
  erase(password);  /* securely erase the plaintext before comparing */
  return !strcmp(checksum, get_stored_checksum(username));
}
```

...

  1. Be aware of compiler optimization when erasing memory. (See recommendation MSC06-C. Be aware of compiler optimization when dealing with sensitive data.)
  2. Use secure erase methods specified in US Department of Defense Standard 5220 [DOD 5220] or Peter Gutmann's paper [Gutmann 1996].
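The two points above, hash-then-compare and an erase the optimizer cannot remove, together in one added example (not the page's own code): secure_erase writes through a volatile pointer, and digest is a constructed FNV-1a placeholder standing in for a real password hash; secure_erase, digest, check_password and is_zeroed are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Erase the optimizer cannot elide: each store goes through a volatile
   pointer (the MSC06-C concern). C11 Annex K memset_s is an alternative. */
void secure_erase(void *buf, size_t len) {
  volatile unsigned char *p = (volatile unsigned char *)buf;
  while (len--) *p++ = 0;
}

/* Constructed placeholder digest (64-bit FNV-1a) standing in for a real
   password hash so the example runs stand-alone; not cryptographic. */
uint64_t digest(const char *s) {
  uint64_t h = 14695981039346656037ULL;
  for (; *s != '\0'; ++s) {
    h ^= (unsigned char)*s;
    h *= 1099511628211ULL;
  }
  return h;
}

/* Returns 1 when digest(password) equals stored, else 0. The plaintext is
   erased before returning on both paths, and so is the computed digest. */
int check_password(char *password, uint64_t stored) {
  uint64_t computed = digest(password);
  secure_erase(password, strlen(password));  /* plaintext gone */
  int ok = (computed == stored);
  secure_erase(&computed, sizeof computed);
  return ok;
}

/* Returns 1 if every byte of buf is zero, so callers can verify the erase. */
int is_zeroed(const void *buf, size_t len) {
  const unsigned char *p = (const unsigned char *)buf;
  unsigned char acc = 0;
  while (len--) acc |= *p++;
  return acc == 0;
}

int main(void) {
  char pw[] = "constructed-sample-password";  /* constructed input */
  uint64_t stored = digest("constructed-sample-password");
  int ok = check_password(pw, stored);
  printf("match=%d plaintext_zeroed=%d\n", ok, is_zeroed(pw, sizeof pw));
  return 0;
}
```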

Risk Assessment

If sensitive data is not handled correctly in a program, an attacker can gain access to it.

| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|----------------|----------|------------|------------------|----------|-------|
| MSC18-C        | medium   | probable   | medium           | P8       | L2    |

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

...

MITRE CWE: CWE-311, "Missing Encryption of Sensitive Data"

Bibliography

[DOD 5220]
[Gutmann 1996]
[Lewis 2006]
[Viega 2001]

...
