Improper Variable Initialization
Except for a few good C programmers, most people tend to ignore variable initialization, or rather proper variable initialization. Often the declaration itself is written without much thought. An improperly initialized local variable can break the logic of a program; an improperly initialized global or security-relevant variable can get your software or system compromised.
An uninitialized or wrongly initialized variable can steer a program away from its intended flow. For example, if a variable "index" is used to walk an array and is left uninitialized, it holds whatever garbage that memory contained, which can lead to an out-of-bounds access. If "index" is wrongly initialized to -1, it points one element before the start of the array, which is just as serious a flaw in the code flow. Even initializing an integer to 0 can bypass a security check, because in some programs 0 is itself a valid value, and often a privileged one.
Let's take a code example.
```c
int isMachineRunning = GetMachineStatus();
int state = GetUserState(isMachineRunning);
int userid = 0;               /* wrongly initialized: 0 is also the admin user id */
if (state) {
    userid = ExtractUserID(state);
}
/* do stuff */
if (userid == 0) {
    DoAdminThings();
}
```
In the example above, userid is initialized to 0, and the admin user id is also 0. If GetUserState() fails and returns 0, the if-condition is false, so ExtractUserID() is never called and no valid user id is obtained. userid keeps its initial value of 0, which equals the admin user id, and DoAdminThings() runs: a failed lookup has turned into admin access, purely because of the wrong initial value. Let's consider another example:
```c
char str[20];                 /* uninitialized: holds whatever was left on the stack */
strcat(str, "hello world");   /* strcat first scans str for a '\0', then appends after it */
printf("%s", str);
```
This might seem innocent enough, but str is never initialized, so it contains whatever was left in that memory. str[0] is not necessarily a null terminator, so strcat's scan for the end of the existing "string" may stop at some offset other than 0, and the copy starts there. What happens next depends on the stale contents. "hello world" is 11 characters plus a terminator, 12 bytes, so the copy only fits if the first null byte is at str[8] or earlier. If it is, some bytes of stale data are printed before "hello world". That may not matter here, but the stale bytes can be sensitive data left over from a previous use of the stack, such as a password that sat in a buffer, and with a larger buffer a great deal more could be leaked before the terminator is reached. If no null byte occurs at str[8] or earlier, strcat writes past the end of str: it finds the terminator, then copies 12 bytes starting at that position, a buffer overflow. If there is no null byte at all before the end of the accessible memory, the scan itself is a buffer over-read that ends in a segmentation fault and a crash. I hope the examples above are good enough to emphasize the correct initialization of variables, and yes, that each and every variable needs to be initialized.
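As an added example (this is not code from the original post), here are both pitfalls next to hardened forms: the admin check rewritten so that userid starts at a sentinel no real user can have and a failed lookup is denied outright, and a checker that predicts what strcat() would do with a stale 20-byte buffer without performing the unsafe write, beside a bounded append that empties the buffer first. ADMIN_UID, UID_INVALID, extract_user_id() and the stale buffer contents are assumptions constructed for this illustration.

```c
/* Added example, not from the original post.  ADMIN_UID, UID_INVALID,
 * extract_user_id() and the "stale" buffer contents are assumptions. */
#include <stdio.h>
#include <string.h>

#define ADMIN_UID   0     /* assumption: the admin user id is 0, as in the post */
#define UID_INVALID (-1)  /* assumption: a value no real user id can take */

/* Stand-in for the post's ExtractUserID(): maps a non-zero state token to
 * an ordinary (non-admin) user id.  Constructed for this example. */
static int extract_user_id(int state) { return 1000 + state; }

/* Vulnerable form, as in the post: userid starts at 0, the same value as
 * ADMIN_UID.  When the state lookup failed (state == 0) the if-block is
 * skipped and the stale 0 is treated as the admin user. */
int is_admin_vulnerable(int state)
{
    int userid = 0;
    if (state) {
        userid = extract_user_id(state);
    }
    return userid == ADMIN_UID;
}

/* Hardened form: initialise to a sentinel that can never match a real id,
 * treat a failed lookup as an error, and compare only a value that was
 * actually produced by the lookup. */
int is_admin_safe(int state)
{
    int userid = UID_INVALID;
    if (state == 0) {
        return 0;                     /* lookup failed: deny, do not guess */
    }
    userid = extract_user_id(state);
    return userid != UID_INVALID && userid == ADMIN_UID;
}

/* Predicts what strcat(buf, src) would do when buf holds `cap` bytes of
 * stale data.  Returns the index where strcat would start writing if the
 * whole copy fits, -1 if it would write past the buffer (overflow), and
 * -2 if there is no terminator at all (the scan over-reads).  Nothing is
 * written, so the check itself is safe to run. */
int strcat_outcome(const char *buf, size_t cap, const char *src)
{
    size_t i;
    for (i = 0; i < cap; i++) {
        if (buf[i] == '\0') {
            /* strcat copies strlen(src) bytes plus its own terminator */
            return (i + strlen(src) + 1 <= cap) ? (int)i : -1;
        }
    }
    return -2;
}

/* Safe form: the buffer is explicitly emptied before use and the append
 * is bounded by its capacity.  Returns 0 on success, -1 if src does not
 * fit; nothing is written in the failure case. */
int safe_append(char *buf, size_t cap, const char *src)
{
    size_t need = strlen(src) + 1;
    if (cap == 0 || need > cap) {
        return -1;
    }
    buf[0] = '\0';                    /* the initialisation the post's snippet lacks */
    strncat(buf, src, cap - 1);       /* can never write beyond cap bytes */
    return 0;
}

int main(void)
{
    /* Constructed "stale stack" contents for a 20-byte buffer. */
    char stale_short[20] = "junk";                /* '\0' at index 4: the copy fits  */
    char stale_long[20]  = "leftover-password!";  /* '\0' at index 18: overflow      */
    char stale_none[20];
    char out[20];
    int rc;

    memset(stale_none, 'A', sizeof stale_none);   /* no '\0' anywhere: over-read */

    printf("vulnerable check after failed lookup: admin=%d\n", is_admin_vulnerable(0));
    printf("hardened   check after failed lookup: admin=%d\n", is_admin_safe(0));
    printf("strcat outcomes: %d %d %d\n",
           strcat_outcome(stale_short, sizeof stale_short, "hello world"),
           strcat_outcome(stale_long,  sizeof stale_long,  "hello world"),
           strcat_outcome(stale_none,  sizeof stale_none,  "hello world"));
    rc = safe_append(out, sizeof out, "hello world");
    printf("safe_append: rc=%d -> \"%s\"\n", rc, out);
    return 0;
}
```

strcat_outcome() makes the boundary in the text concrete: with a 20-byte buffer and a 12-byte source, a terminator at index 8 still fits and a terminator at index 9 does not.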
The four mandatory steps to follow for correct variable declaration are:
- Explicitly initialize every variable or data store with the correct, expected value, either at declaration or before its first use. Treat this as a must.
- Validate input properly, so that the value a variable holds at its first use is the expected one.
- Avoid race conditions in initialization routines.
- Run a static analysis tool on your code and act on every warning and error it raises before you publish.
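As an added example (not code from the original post), here are the first two checklist items applied to the "index" variable mentioned earlier: the index is initialized to a sentinel at declaration, the input string is validated with strtol() before anything is assigned, and the table is only read once the value has been vouched for. The table contents, INDEX_INVALID and the helper names are assumptions made for this illustration.

```c
/* Added example, not from the original post.  The table, INDEX_INVALID
 * and the helper names are assumptions for illustration. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define INDEX_INVALID (-1)   /* assumption: sentinel that never indexes the table */

/* Constructed lookup table standing in for whatever the index selects. */
static const int table[] = { 10, 20, 30, 40 };
static const size_t table_len = sizeof table / sizeof table[0];

/* Parses `text` as a table index.  Returns the index on success or
 * INDEX_INVALID on any failure: empty input, not a number, trailing
 * characters, numeric overflow, or a value outside the table.  The
 * result starts as the sentinel (checklist item 1) and is assigned a
 * real value only after validation (checklist item 2). */
int parse_index(const char *text)
{
    int index = INDEX_INVALID;
    char *end = NULL;
    long value;

    if (text == NULL || *text == '\0') {
        return index;
    }
    errno = 0;
    value = strtol(text, &end, 10);
    if (errno != 0 || *end != '\0') {
        return index;                 /* overflow, or junk after the digits */
    }
    if (value < 0 || (unsigned long)value >= table_len) {
        return index;                 /* would read before or past the table */
    }
    index = (int)value;               /* the first and only real assignment */
    return index;
}

/* Uses the index only after parse_index() has validated it.  Returns 0
 * and stores the entry in *out on success; returns -1 and leaves *out
 * untouched otherwise. */
int lookup(const char *text, int *out)
{
    int index = parse_index(text);
    if (index == INDEX_INVALID) {
        return -1;
    }
    *out = table[index];
    return 0;
}

int main(void)
{
    /* Constructed inputs: one valid, the rest exercising each failure path. */
    const char *inputs[] = { "2", "-1", "4", "abc", "2x", "" };
    size_t i;
    for (i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int value = 0;
        if (lookup(inputs[i], &value) == 0) {
            printf("\"%s\" -> table[%d] = %d\n", inputs[i], parse_index(inputs[i]), value);
        } else {
            printf("\"%s\" -> rejected\n", inputs[i]);
        }
    }
    return 0;
}
```

Note that "-1" is rejected by the range check rather than being silently used: this is the wrongly-initialized-to-minus-one case from earlier in the post, caught before it can reach the array.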
Once you follow this checklist, you should see very few problems with variable initialization.
© Safer Code | Improper Variable Initialization
Tags: buffer overflow, C, Efficiency, initialization, Languages, Security, variable declaration, variables