Security Injection Assessments: Input Validation
Assessments:
Objective 1: Describe the vulnerability (CS0, CS1, CS2)
1.1 What is an input validation vulnerability?
1.2 Which input sources are potential sources of input validation problems?
1.3 Give an example of a variable and an input value for that variable that might lead to an input validation
problem.
1.4 Consider the following code:
Java
    Scanner scan = new Scanner(System.in);
    int x = scan.nextInt();
C++
    int x;
    cin >> x;
What sort of vulnerability might arise if the user typed “Hello” when this program runs?
1.5 Imagine you're writing a website for an online clothing store. You've started designing the “checkout” page,
where the customer will provide their billing and shipping information. Name three input fields from this page that
might be potential sources of input validation vulnerabilities.
Objective 2: Describe potential problems that may result from the vulnerability (CS0, CS1, CS2)
2.1 Your program has a prompt that asks the user to type a number: what might happen if they type a string
instead? What if they type a number for a prompt that asks for a string?
2.2 Imagine an online banking site that allows customers to transfer funds between accounts or to pay bills.
Name 2 problems that might occur if input is not properly validated.
2.3 Some poorly-designed programs deal with bad input by simply truncating it to fit. For example, a program
that asks for a person's 5-digit zip code might truncate any input so that it contains at most 5 digits, changing
“212523” into “21252”. What sort of problems might be associated with this type of strategy?
Objective 3: Identify vulnerabilities in a simple program written in the language of instruction (CS0,
CS1, CS2)
Simple programs with input validation vulnerabilities generally use one of two forms of input – console or file – to
arrive at one of three forms of input validation problems – inappropriate type (string value for numeric variable),
out of bounds array index, and logic errors (35 for the date in a month, etc). The exercises given below illustrate
some of these possibilities: the translation from console input to file input should be straightforward.
All of these programs can be presented with instructions that ask the student to find potential input validation
problems. Instructors concerned about stressing the security-related material can simply ask students to find
potential problems with the code:
3.1 Console input, data type and logic vulnerabilities:
Logic error arises from not verifying that the age is a plausible value.
Java:
import java.util.*;

public class Class1 {
    public static void main(String[] args) {
        Scanner scan = new Scanner(System.in);
        System.out.println("What is your name ?");
        String name = scan.nextLine();
        System.out.println("How old are you? ");
        int age = scan.nextInt();
        System.out.print("Hello, "+name+", you are "+age+" years old.");
    }
}
C++
#include <iostream>
#include <string>
using namespace std;

int main() {
    string name;
    int age;
    cout << "What is your name ?";
    cin >> name;
    cout << "How old are you? ";
    cin >> age;
    cout << "Hello, " << name << ", you are " << age << " years old." << endl;
}
3.2 File input, out of bounds & data type
Attempts to read 5 lines from a four line file. Third item in each line should be a float, not an integer.
Data File contents:
Washington 23 14.15
Jefferson 96 194.23
Adams 12 7.98
Monroe 10 13.9
Java:
import java.util.*;
import java.io.*;

public class FileInputValidation {
    public static void main(String[] args) throws FileNotFoundException {
        FileReader reader = new FileReader("data");
        Scanner inFile = new Scanner(reader);
        for (int i = 0; i < 6; i++) {
            String s = inFile.next();
            int a = inFile.nextInt();
            int b = inFile.nextInt();
            System.out.println(s+", "+a+" "+b);
        }
    }
}
C++:
#include <iostream>
#include <fstream>
#include <string>
using namespace std;

int main() {
    string s;
    int a;
    double b;
    ifstream infile;
    infile.open("data");
    for (int i = 0; i < 6; i++) {
        infile >> s;
        infile >> a;
        infile >> b;
        cout << s << ", " << a << " " << b << endl;
    }
    infile.close();
}
3.3 Console input, data type, logic error, and array bounds
Potential problems include typing a string when an integer is needed, logic errors (months are between 1 and
12, inclusive – this should be verified), and array index out of bounds (when a value less than 1 or greater than
12 is typed).
Java:
import java.util.*;

public class GetMonthName {
    public static void main(String[] args) {
        String[] months = { "January", "February", "March", "April",
                            "May", "June", "July","August","September",
                            "October","November","December"};
        Scanner scan = new Scanner(System.in);
        System.out.println("Enter a month number: ");
        int num = scan.nextInt();
        String name = months[num-1];
        System.out.println("Month "+num+" is named: "+name);
    }
}
C++:
#include <iostream>
#include <string>
using namespace std;

int main() {
    string months[] = { "January", "February", "March", "April",
                        "May", "June", "July","August","September",
                        "October","November","December"};
    int num;
    cout << "Enter a month number: ";
    cin >> num;
    string name = months[num-1];
    cout << "Month " << num << " is named: " << name << endl;
}
Objective 4: Discuss general strategies for mitigating vulnerabilities (CS1, CS2)
4.1 Name three approaches for avoiding input validation problems.
4.2 Your friend runs up to you with a great idea: “I've developed a perfect strategy for handling input validation
concerns. If the user types in any input that is the wrong type or format, my program will print an insulting
message and terminate immediately.” Does this seem right to you? If not, what would you suggest she do
instead?
4.3 A member of your project team suggests that you might avoid input validation concerns by reading all input
data from a file, instead of asking users to type data. Is this likely to be a productive strategy? Why or why not?
Objective 5: Write code that uses appropriate techniques to mitigate or avoid the vulnerability (CS1, CS2)
Assessment exercises for this objective will generally ask students to write a short program. Instructions should
urge students either to “be careful to ensure that all input data is validated appropriately” or (more generically) to
“be careful to handle input data and potential errors appropriately”.
The three programs given above in objective three provide examples of potential assignments. Specifically:
5.1 Write a program that asks a user to type their name and age, and then prints a message that says hello to
them by name, and then prints their age.
5.2 Assume you have a data file that contains a number of lines of data. Each line contains three values: a
string, an integer, and a floating point value. Write a program that iterates over the lines in the file, reading each
of the three values from each line and then printing them out, before moving on to the next line.
5.3 Write a program that asks the user to type in a number and then prints the name of the month corresponding
to that number: 1 is January, 2 is February, etc.
Objective 6: Revise a program, eliminating vulnerabilities (CS2)
Any of the programs given as exercises for assessing objective 3 can be used for this objective. Relevant
strategies include catching exceptions to account for assignments of string to integers and range-checking
integers before using them as array bounds, and checking input values for appropriate ranges (a human's age
should probably not be over 150). Loops can be used to repeat prompts for values that fail validation tests.
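The strategies listed above, applied to the C++ month-name program from 3.3, as an added example that is not part of the original assessment. The helper names parseIntInRange, promptInt and monthName are illustrative; the same helper covers the age check from 3.1 when called with a range of 0 to 150.

```cpp
#include <iostream>
#include <sstream>
#include <string>

// Accept a line only if it is exactly one integer within [lo, hi].
// Rejects "Hello", "12abc", "7.5", empty input and values that overflow int.
bool parseIntInRange(const std::string& line, int lo, int hi, int& out) {
    std::istringstream ss(line);
    int value = 0;
    char extra;
    if (!(ss >> value)) return false;            // wrong type or overflow
    if (ss >> extra) return false;               // trailing junk: reject, never truncate
    if (value < lo || value > hi) return false;  // range check before any use
    out = value;
    return true;
}

// Repeat the prompt until the value validates; false if input ends first.
bool promptInt(std::istream& in, std::ostream& out, const std::string& prompt,
               int lo, int hi, int& value) {
    std::string line;
    while (out << prompt && std::getline(in, line)) {
        if (parseIntInRange(line, lo, hi, value)) return true;
        out << "Please enter a whole number from " << lo << " to " << hi << ".\n";
    }
    return false;
}

// Bounds are re-checked here so the array is never indexed with a bad value.
std::string monthName(int num) {
    static const char* const months[] = {
        "January", "February", "March", "April", "May", "June", "July",
        "August", "September", "October", "November", "December"};
    if (num < 1 || num > 12) return "";
    return months[num - 1];
}

int main() {
    int num = 0;
    if (!promptInt(std::cin, std::cout, "Enter a month number: ", 1, 12, num)) {
        std::cerr << "Input ended before a valid month was entered.\n";
        return 1;
    }
    std::cout << "Month " << num << " is named: " << monthName(num) << std::endl;
    return 0;
}
```

Reading whole lines with getline keeps a rejected entry from being left in the stream, which is what makes the re-prompt loop safe.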