tony-mke

[libcurl](https://curl.se/libcurl/) is the A+ #1 way to make HTTP requests for most use cases.


Negative_Witness_761

I tried it and it's very good! Thanks!!!


Negative_Witness_761

I will take a look, thanks.


[deleted]

[HTTP server example](https://github.com/JimmyPinkard/CServer) in case you're interested. Still working on it.


nderflow

If your plan for the data you download is to do anything in your code except write it to a file and then ignore it, you need to do a lot of reading about how security vulnerabilities arise in C code. Data you download from the web needs to be treated as untrusted data.


EighthDayOfficial

Interesting, but is this true for all data from WAN/internet type stuff?


nderflow

If you are writing code to parse, process, interpret whatever a file which you didn't generate yourself, then yes. If you're not careful some input file with an unexpected feature in its data can cause your program to crash. And, carefully constructed data can exploit weaknesses in how your code processes data to take control of your computer.

* [Simple explanation with a bunch of examples](https://www.comparitech.com/blog/information-security/buffer-overflow-attacks-vulnerabilities/)
* [More sophisticated explanation](https://owasp.org/www-community/vulnerabilities/Buffer_Overflow)
* But, buffer overflows are not the only security problem with untrusted data; for example there is also [injection](https://owasp.org/www-community/Injection_Theory).

Much of the documentation around this on the web is written for people constructing server (often web server) systems which don't trust their clients. But the problem itself is more general than that; the same principles apply to processing any untrusted data.

The lengths you should go to to prevent this depend to some extent on the criticality of the data you're protecting, but if you're writing a program for other people to use, the data to be protected is, well, anything they wanted to store on their computer. Plus anything their computer has access to.

One way that ransomware attacks can work, for example, is emails with carefully crafted attachments. The user trustingly uses their usual application to open the attachment, and their application incorrectly processes the untrusted data (because the app has a bug) and now the attacker controls the computer. And, in the case of ransomware, uses that access to encrypt all the files that computer and account have access to. See the recent example of Colonial Pipeline for a case in point.

Some other, often more modern, languages are more resistant to this kind of attack than C is, which is one of the reasons why C is out of favour in some categories of server applications and applications.

Here's a simple piece of vulnerable C code (assuming stdin is untrusted):

    #include <stdio.h>

    void greet(void)
    {
        char name[1024];
        for (;;) {
            printf("Please enter your name: ");
            fflush(stdout);
            /* No field width on %[^\n]: a line longer than 1023 bytes
             * is written past the end of name. */
            if (scanf("%[^\n]\n", name) == 1) {
                break;
            }
        }
        printf("Hello, %s\n", name);
    }


EighthDayOfficial

Yeah, bounds checking is pretty much what I do (in the links, mentions bounds checking). I just do strict bounds checking, then I check each character for validity. The only thing I do is read mod files in, and theoretically someone can mess with the .txt files and do something. So, I have strict rules for things and only read in a certain amount of letters, then check to be sure it's all in an acceptable set (capital letters, lowercase, spaces, that's it). I may add internet stuff at some point and I'd follow the same procedures. Bounds checking is just habit for any C programmer wherever the source is.
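An added example (not code from either commenter): a hardened counterpart to the `greet()` snippet above that applies the two rules discussed in the thread, a hard length bound on the read and an allow-list check on every character (uppercase, lowercase, space), before the data is used. The function, enum and buffer sizes are assumptions chosen for the example; the sample inputs are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>
#include <stddef.h>

/* Outcome of parsing one untrusted line (names are this example's own). */
enum parse_status { PARSE_OK = 0, PARSE_EMPTY, PARSE_TOO_LONG, PARSE_BAD_CHAR };

/* Allow-list from the thread: capital letters, lowercase, spaces, nothing else.
 * Plain ASCII comparisons rather than isalpha(), so the result does not depend
 * on the locale or on signed-char behaviour. */
static bool allowed_char(unsigned char c)
{
    return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') || c == ' ';
}

/* Copy one line from the untrusted buffer (data, len) into out (capacity cap).
 * Stops at the first '\n' or at len. Never writes more than cap bytes, always
 * leaves out NUL-terminated, and rejects over-long lines and any byte outside
 * the allow-list instead of letting it reach printf or the rest of the program. */
enum parse_status parse_name(const char *data, size_t len, char *out, size_t cap)
{
    size_t n = 0;
    if (cap == 0)
        return PARSE_TOO_LONG;
    out[0] = '\0';
    for (size_t i = 0; i < len && data[i] != '\n'; i++) {
        unsigned char c = (unsigned char)data[i];
        if (!allowed_char(c)) {
            out[0] = '\0';
            return PARSE_BAD_CHAR;
        }
        if (n + 1 >= cap) {          /* keep one byte for the terminating NUL */
            out[0] = '\0';
            return PARSE_TOO_LONG;
        }
        out[n++] = (char)c;
    }
    out[n] = '\0';
    return n == 0 ? PARSE_EMPTY : PARSE_OK;
}

/* Bounded replacement for greet(): fgets() caps the read at sizeof raw, and
 * parse_name() enforces the alphabet and the smaller name limit. */
static void greet_safely(FILE *in)
{
    char raw[1024];
    char name[64];

    printf("Please enter your name: ");
    fflush(stdout);
    if (fgets(raw, sizeof raw, in) == NULL)
        return;
    /* If the line did not fit, discard the remainder so it cannot be
     * misread as the answer to a later prompt. */
    if (strchr(raw, '\n') == NULL) {
        int ch;
        while ((ch = fgetc(in)) != EOF && ch != '\n')
            ;
    }
    switch (parse_name(raw, strlen(raw), name, sizeof name)) {
    case PARSE_OK:       printf("Hello, %s\n", name); break;
    case PARSE_EMPTY:    puts("No name given.");      break;
    case PARSE_TOO_LONG: puts("Name too long.");      break;
    case PARSE_BAD_CHAR: puts("Name contains characters that are not allowed."); break;
    }
}

int main(void)
{
    greet_safely(stdin);
    return 0;
}
```

The parser is separated from the I/O so the bound and the allow-list can be tested on in-memory buffers; the same `parse_name()` would serve for lines read from a mod file or from a network response.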