Difference between revisions of "Implement interface contracts"

From OWASP
(Reverting to last version not containing links to s1.shard.jp)
 

Latest revision as of 07:50, 3 June 2009


Overview

Purpose:

  • Provide unit-level semantic input validation.
  • Identify reliability errors in a structured way at the earliest point in time.

Role:

  • Implementer

Frequency:

  • As needed; generally as functions or methods are modified.

Interface contracts are also commonly known as assertions. They can be a formidable tool for preventing security problems, particularly if applied consistently and rigorously.

In many application development processes, interface contracts are not enabled in production software. They are removed by habit in order to improve efficiency. If the efficiency impact is nominal for the project, CLASP strongly recommends leaving such checks in the code for the sake of security.

Otherwise, checks of security critical parameters should be implemented using a permanent mechanism, such as code directly at the top of the function, as discussed in activities below.

Implement validation and error handling on function or method inputs

For each method or function visible outside its compilation unit, specify in code what the expectations are for valid input values. One should validate that each input variable has a valid value in and of itself, and should determine validity in relation to other inputs. Validation checks should contain no side effects. Failures should be handled as specified in design. See CLASP Resource B for the concept on input validation.

Input variables are not limited to parameters. Any variable read by the function or method should be considered an input variable, including global variables and class and method variables. Note that some interface contract facilities allow invariants for an entire class (things that must always be true about class data before and after each method invocation) to be specified once.

Implement validation on function or method outputs

Perform the same validation, including validation of relationships between values, before exiting a function or method. Output specifications are meant to provide a clear behavioral specification to calling code to prevent accidental misuse.

Generally, output validation code is most useful during implementation. It is reasonable to disable such code for deployment, or even to use pseudo-code if absolutely necessary.
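The input and output activities above, shown together as an added Python example (not part of the original CLASP text). The `Ledger` class, `ContractError` and the `violates` helper are hypothetical names chosen for illustration, and raising an exception is assumed to be the failure handling the design specifies. Permanent checks use explicit `if`/`raise` because Python removes `assert` statements when run with `-O`.

```python
class ContractError(Exception):
    """Permanent contract violation; raised even when asserts are stripped."""


class Ledger:
    MAX_TRANSFER = 10_000  # class variable read by transfer(), so it is an input too

    def __init__(self, balances):
        self.balances = dict(balances)
        self._check_invariant()

    def _check_invariant(self):
        # Class invariant, stated once: every balance is a non-negative int.
        for name, value in self.balances.items():
            if isinstance(value, bool) or not isinstance(value, int) or value < 0:
                raise ContractError(f"invariant broken for account {name!r}")

    def transfer(self, src, dst, amount):
        # Input contract: permanent checks at the top, no side effects.
        self._check_invariant()
        if isinstance(amount, bool) or not isinstance(amount, int):
            raise ContractError("amount must be an int")
        if not 0 < amount <= self.MAX_TRANSFER:
            raise ContractError("amount outside 1..MAX_TRANSFER")
        if src not in self.balances or dst not in self.balances:
            raise ContractError("unknown account")
        # Validity in relation to other inputs and to object state.
        if src == dst:
            raise ContractError("src and dst must differ")
        if amount > self.balances[src]:
            raise ContractError("amount exceeds source balance")

        total_before = sum(self.balances.values())
        self.balances[src] -= amount
        self.balances[dst] += amount

        # Output contract: development-time assert, removed by `python -O`.
        assert sum(self.balances.values()) == total_before, "total changed"
        self._check_invariant()
        return self.balances[src]


def violates(call, *args):
    """Return True if call(*args) is rejected by a permanent contract check."""
    try:
        call(*args)
    except ContractError:
        return True
    return False
```

Because every check runs before any balance is modified, a rejected call leaves the object exactly as it was.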