Your SlideShare is downloading. ×
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Code Review Looking for a vulnerable code. Vlad Savitsky.
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Code Review Looking for a vulnerable code. Vlad Savitsky.

724

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
724
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
22
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Highly Critical - Remotely exploitable vulnerabilities that can compromise the system. Interaction is not normally required for this exploit to be successful. Exploits have occurred to systems. Previous examples include: Local file inclusion on Windows, Impersonation, privilege escalation Critical - Remotely exploitable Denial of Service (DOS) vulnerabilities that can compromise the system but do require user interaction. Vulnerabilities that may allow anonymous users (i.e. users not registered at the site) to log in as a site user or take administrative actions. Interaction (such as an administrator viewing a particular page) may be required for this exploit to be successful, or in cases where interaction is not required (such as CSRF) the exploit causes only minor damage. Previous examples include: OpenID impersonation, SQL injection Moderately Critical (3 of 5): Remotely exploitable vulnerabilities that can compromise the system. Interaction (such as an administrator viewing a particular page) is required for this exploit to be successful. Exploits have not yet occurred on systems when vulnerability was disclosed. The exploit requires the user to be registered at the site and have some non-default permission, such as creating content. Previous examples include: Cross Site Scripting, Access bypass Less Critical (2 of 5): Used for cross-site request forgery vulnerabilities as well as privilege escalation vulnerabilities which require complex chains of events. This rating also includes vulnerabilities which might expose sensitive data to local users. Previous examples include: Session fixation, Cross site request forgery Not Critical (1 of 5): Rating is used for limited privilege escalation vulnerabilities and locally Denial of Service (DOS) vulnerabilities. Previous examples include: Access bypass
  • Transcript

    • 1. Code Review Looking for a vulnerable code Vlad Savitsky http://donetsk.drupal.ua
    • 2. Code Review Looking for a vulnerable code
    • 3. Twitter: У нас ввели code-review. – А это как? – Ну как, сидишь, читаешь код, ревёшь... http://twitter.com/#!/dallaylaen/status/129887114576920577
    • 4. Overview
      • Why review code?
      • Who should do code review?
      • Code Review or Person Review
      • How to find a vulnerability?
      • How to report about security problem?
    • 5. Why review code?
      • Increase code quality.
      • Developers can learn new code.
      • Learn new code best practices.
      • To check if code is clear and easy to understand.
      • Find vulnerable code.
    • 6. What you shouldn't review?
      • Bugs and mistakes.
      • Coding Standard compliance.
    • 7. When code should be reviewed?
      • Before merging to trunk.
      • Easy to review small pieces of code.
      • Often is better.
    • 8. When code should be reviews?
      • Before adding new code to project.
        • Contrib modules/themes
        • Custom modules/themes
      • Easy to review small pieces of code.
      • Often is better.
    • 9. Who should do code review?
      • Team Lead
      • Other developers
    • 10. Code Review or Person Review
      • Developers associate themselves with their code.
      • Team Conflicts
      • Ability to learn best practices .
    • 11. Golden Rule of Code Review
      • Do others code review
      • as you want they
      • do your code review.
    • 12.  
    • 13. Goal of Code Review Perfect code made by not perfect developers.
    • 14. How to find a vulnerability?
    • 15.  
    • 16. Find XSS
      • Find and inspect theme() functions.
      • Does t() function used with proper placeholders.
      • Does check_plain() or theme('placeholder') used for plain text?
      • Does check_markup() or filter_xss() used for markup containing text?
    • 17.  
    • 18. SQL injection
      • Bad code:
      • db_query('SELECT foo FROM {table} t WHERE t.name = '. $_GET['user']);
      • Good code:
      • db_query("SELECT foo FROM {table} t WHERE t.name = '%s' ", $_GET['user']);
      • Does Database API used correctly?
    • 19. Bad smelling code
      • Bad smelling code in most cases should be refactored.
      • http://sourcemaking.com/refactoring/bad-smells-in-code
    • 20. Drupal Security Team
    • 21. Goals of the security team
      • Resolve reported security issues.
      • Provide assistance for contributed module maintainers in resolving security issues.
      • Provide documentation on how to write secure code .
      • Provide documentation on securing your site
    • 22. How to report a security issue
      • Do not post in the issue tracker or discuss it in IRC.
      • Mail to security@drupal.org
      • Provide as many details as you can. At least:
        • Drupal version and/or module version.
        • Steps to reproduce the problem.
      • Do not disclose the vulnerability to anyone before the advisory is issued.
      • You will be credited in the security announcement
    • 23. How the security team works with issues
      • Review the issue and evaluate the potential impact on all supported releases of Drupal.
      • If it is indeed a valid problem, the security team is mobilized to eliminate it .
      • New versions are created and tested.
      • New packages are created and uploaded to Drupal.org.
      • When an issue has been fixed, use all available communication channels to inform users of steps that must be taken to protect themselves.
    • 24. Issues with contributed modules
      • The module maintainer is contacted with a deadline .
      • When the maintainer fixes the problem, the security team issues an advisory.
      • If the maintainer does not fix the problem within the deadline, an advisory is issued, recommending disabling the module and the project on Drupal.org is unpublished.
    • 25. Happy Code Review!!!
    • 26. Questions?
      • Question #1
      • Question #2
      • Question #3

    ×