Dave W edited this page Dec 8, 2017 · 7 revisions

Safe String Library

The Safe String Library is a C Library providing string and memory buffer routines that protect against buffer overflows.

The Secure Development Lifecycle (SDL) recommends that certain C Library functions not be used, because of their propensity to create buffer overflow vulnerabilities. It is not the routines themselves, but rather the lack of proper verification of their parameters (destination size, null pointers, overlap), that causes the security issues.

Have questions? Need help? Go to the Safe String Mailing List: https://lists.01.org/mailman/listinfo/safestringlib

Background

Microsoft Windows provides a set of safe routines to replace the banned C library functions as part of the StrSafe.h or SAFE CRT libraries. Details are published in the MSDN article: SDL Banned Function Calls. However, this library cannot be used for cross-platform or Linux development.

The Safe String Library contains replacements for these SDL banned C functions and is designed to avoid or prevent serious security vulnerabilities (e.g. buffer overflows, string format attacks, conversion overflows/underflows, etc.). The Safe String Library was originally developed by Cisco and made available as a Source Forge project. Support and development on this library had ceased, so Intel's Security Center of Excellence (SeCoE) updated the Cisco library, adding additional routines and providing additional unit test functions. The Safe String Library is Intel's open source release of this updated Cisco library.

The Banned C Library Functions

Linux-type operating systems provide a base C library that includes many of the SDL banned functions. The specific list of banned functions is provided in this table. These functions should not be used; instead, the replacement functions from The Safe String Library should be utilized (see details on the API pages).
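To make concrete why the banned functions are dangerous and what a "safe" replacement has to check, here is an added example (not code from the Safe String Library itself) of a bounded string copy that validates every parameter before touching memory, in the spirit of the `_s` replacements. The function name `demo_strcpy_s`, the `SAFE_*` error codes and the `SAFE_MAX_STR` limit are all assumptions made for this illustration; the library's own names, return codes and limits are documented on its API pages. Plain `strcpy` has no way to learn the destination's size and no way to report failure, so a too-long or overlapping source silently corrupts memory; the checked version refuses, clears the destination, and returns a nonzero code the caller must handle.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical error codes for this example only (modelled loosely on the
 * errno_t convention of the C11 Annex K _s functions). */
#define SAFE_OK        0
#define SAFE_NULL_PTR  400   /* dest or src is NULL */
#define SAFE_ZERO_LEN  401   /* dmax is zero */
#define SAFE_MAX_LEN   402   /* dmax exceeds the sanity limit */
#define SAFE_OVERLAP   404   /* src and dest overlap */
#define SAFE_NO_SPACE  406   /* src does not fit in dmax bytes */

#define SAFE_MAX_STR   (4UL * 1024UL)   /* constructed upper bound on dmax */

/* demo_strcpy_s: copy the NUL-terminated string src into dest, which holds
 * at most dmax bytes. Unlike strcpy, every assumption is checked up front,
 * and on any failure the destination is emptied (when writable) so the
 * caller cannot proceed with partial or overflowed data. */
int demo_strcpy_s(char *dest, size_t dmax, const char *src)
{
    if (dest == NULL)           return SAFE_NULL_PTR;
    if (dmax == 0)              return SAFE_ZERO_LEN;
    if (dmax > SAFE_MAX_STR)    return SAFE_MAX_LEN;
    if (src == NULL)            { dest[0] = '\0'; return SAFE_NULL_PTR; }
    if (dest == src)            return SAFE_OK;   /* nothing to move */

    /* Copy byte by byte, stopping before we would either run past dmax or
     * read/write across the boundary of the other buffer (overlap). Pointers
     * are compared as integers to avoid relying on ordering between objects. */
    if ((uintptr_t)dest < (uintptr_t)src) {
        /* Writing forward could overrun into unread source bytes. */
        for (size_t i = 0; i < dmax; i++) {
            if (dest + i == src) { dest[0] = '\0'; return SAFE_OVERLAP; }
            dest[i] = src[i];
            if (src[i] == '\0') return SAFE_OK;
        }
    } else {
        /* Reading forward could reach bytes we have already overwritten. */
        for (size_t i = 0; i < dmax; i++) {
            if (src + i == dest) { dest[0] = '\0'; return SAFE_OVERLAP; }
            dest[i] = src[i];
            if (src[i] == '\0') return SAFE_OK;
        }
    }

    /* No terminator within dmax bytes: strcpy would have kept writing
     * past the end of dest; we refuse instead. */
    dest[0] = '\0';
    return SAFE_NO_SPACE;
}

/* unchecked_copy_would_overflow: how many bytes plain strcpy would write
 * beyond a dmax-byte destination (0 if it fits). strcpy itself cannot
 * perform this check because it never sees dmax. */
size_t unchecked_copy_would_overflow(size_t dmax, const char *src)
{
    size_t needed = strlen(src) + 1;
    return needed > dmax ? needed - dmax : 0;
}

int main(void)
{
    char buf[8];   /* constructed small destination */
    printf("fit:       %d (%s)\n", demo_strcpy_s(buf, sizeof buf, "hello"), buf);
    printf("too long:  %d\n", demo_strcpy_s(buf, sizeof buf, "this is too long"));
    printf("strcpy would overrun by %zu bytes\n",
           unchecked_copy_would_overflow(sizeof buf, "this is too long"));
    char big[16] = "abcdefgh";
    printf("overlap:   %d\n", demo_strcpy_s(big + 2, 14, big));
    return 0;
}
```

The unit-test style checks below exercise exactly the assumptions the text describes (size, null pointers, overlap, exact fit), which is the same role the library's own unit test suite plays for its real routines.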

Secure Development Practices

This code base includes a set of unit test functions that are used to validate the assumptions implemented in the secure operations. Additionally, this code base has been run through Klocwork Static Code Analysis, and any issues were fixed.

Security Issues and Errata

None reported.