Page 108 - SOFTWARE TESTING & QUALITY ASSURANCE
Unit 7: Documentation and Security Testing
processing of the input data for proper handling of buffers in the software. Since the C and C++ languages
do not have proper control over the data being stored in the buffer, these strings replace the standard
string functions that are available, such as strcat, strcpy, sprintf, and so on.
strcpy is a function used to copy a string value from one variable to
another variable. If the length of the destination array is small compared to
the source variable, then an overflow occurs in the destination
variable.
The new set of string functions, i.e., the safe string functions that help to overcome the overrun problem,
was developed by Microsoft for Windows XP SP1, the Windows Driver Device Kit and the Platform
Software Development Kit.
Some of the advantages of using safe string functions in a program are:
1. Along with the input data, the functions also receive the destination buffer's size as input. This
makes sure that the destination buffer does not overrun if the input data exceeds the normal size
of the destination buffer.
2. The string functions terminate all output strings with a null character, which indicates the end of
the string. Other functions using these strings can assume that they will encounter a null character.
Therefore, the data before the null character is valid data, and the null character terminates the
string without allowing it to run indefinitely.
3. An NTSTATUS value is returned by all safe string functions. This value indicates to the calling function
that the safe string function has performed the operation successfully.
4. The safe string functions are available in two versions. One version supports double-byte
Unicode characters and the other supports single-byte American Standard Code for Information
Interchange characters.
When performing a white box test of the software, the tester has to check for unsafe
string functions in the program code and how they are used in the program logic. This enables the tester to develop test
cases to check whether or not these unsafe string functions cause overruns. It is advisable that
programmers extensively use safe string functions instead of unsafe functions.
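The boundary test cases described above, written against a size-aware copy, as an added example that is not from the original text or from Microsoft's libraries. `bounded_copy_cb`, its status codes and the guard-byte harness are hypothetical, portable stand-ins for a function such as RtlStringCbCopy, which this code does not call.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes standing in for the NTSTATUS return value. */
enum copy_status { COPY_OK, COPY_TRUNCATED, COPY_BAD_PARAM };

/* Stand-in with the properties listed above (not Microsoft's code): takes the
   destination size in bytes, always null-terminates, returns a status. */
enum copy_status bounded_copy_cb(char *dst, size_t dst_bytes, const char *src)
{
    if (dst == NULL || src == NULL || dst_bytes == 0)
        return COPY_BAD_PARAM;
    size_t n = strlen(src);
    enum copy_status st = (n >= dst_bytes) ? COPY_TRUNCATED : COPY_OK;
    if (st == COPY_TRUNCATED)
        n = dst_bytes - 1;               /* leave room for the terminator */
    memcpy(dst, src, n);
    dst[n] = '\0';
    return st;
}

/* Destination buffer followed by guard bytes that an overrun would clobber. */
struct frame { char buf[8]; unsigned char guard[8]; };

/* Boundary test case: copy a constructed input of src_len 'A' characters and
   return 1 if the guard is untouched and buf is terminated inside its bounds. */
int guard_intact_after_copy(size_t src_len, enum copy_status *st_out)
{
    char src[64];
    struct frame f;
    if (src_len >= sizeof src)
        return 0;
    memset(src, 'A', src_len);
    src[src_len] = '\0';
    memset(&f, 0xCC, sizeof f);          /* fill buffer and guard with a pattern */
    *st_out = bounded_copy_cb(f.buf, sizeof f.buf, src);
    for (size_t i = 0; i < sizeof f.guard; i++)
        if (f.guard[i] != 0xCC)
            return 0;
    return memchr(f.buf, '\0', sizeof f.buf) != NULL;
}

int main(void)
{
    size_t lens[] = { 0, 7, 8, 9, 40 };  /* lengths around the 8-byte boundary */
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        enum copy_status st;
        int ok = guard_intact_after_copy(lens[i], &st);
        printf("len=%zu status=%d guard_ok=%d\n", lens[i], (int)st, ok);
    }
}
```

The same harness pointed at a plain strcpy call would fail the guard check for the 8, 9 and 40 character inputs, which is the overrun the test cases are meant to expose.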
Table 7.1 shows the list of various safe and unsafe string functions developed by Microsoft.
Table 7.1: Safe String Functions List
Purpose                                    Unsafe String Functions    Safe String Functions
-----------------------------------------  -------------------------  ---------------------
Concatenate two strings.                   strcat                     RtlStringCbCat
                                           wcscat                     RtlStringCbCatEx
                                                                      RtlStringCchCat
                                                                      RtlStringCchCatEx

Concatenate two byte-counted strings,      strncat                    RtlStringCbCatN
while limiting the size of the appended    wcsncat                    RtlStringCbCatNEx
string.                                                               RtlStringCchCatN
                                                                      RtlStringCchCatNEx

Concatenate two byte-counted strings,      strcpy                     RtlStringCbCopy
while limiting the size of the appended    wcscpy                     RtlStringCbCopyEx
string.                                                               RtlStringCchCopy
                                                                      RtlStringCchCopyEx

Copy a byte-counted string into a          strncpy                    RtlStringCbCopyN
buffer, while limiting the size of the     wcsncpy                    RtlStringCbCopyNEx
copied string.                                                        RtlStringCchCopyN
                                                                      RtlStringCchCopyNEx

Contd…
LOVELY PROFESSIONAL UNIVERSITY 101