From the course: Threat Modeling: Denial of Service and Elevation of Privilege


Validate for purpose to prevent elevations


- [Instructor] So which of these strings on screen do you need to detect and reject? Validation happens for a reason and for a purpose. You can do validation as data comes in. No one would ever send more than 640K. As you send it out, checking is in two flavors. One is a courtesy to the next parser. The other is a Hail Mary because you don't feel you can rely on that other parser to be safe and are trying to avoid sending an attack along to it. That second flavor, the Hail Mary, is really hard. You have to assume your attacker can take your system into a lab and hone their attack in secret until it gets through. It's much better to improve that second parser when it's your code and so you can. When parsing garbage, you want to be paranoid about it. Writing your parser in a type-safe language, putting it in a sandbox, and other defensive measures are probably appropriate. Another useful pattern is transformation. If you…
