In April 2014, it was publicly disclosed that a security bug dubbed “Heartbleed” made almost every communication over internet servers, including those performed by the majority of HTTPS websites, vulnerable to extensive data breaches. Private data of hundreds of thousands of devices became accessible, and the Canadian government shutdown online services of the Canadian Revenue Agency (CRA), but not before a hacker obtained about 900 social insurance numbers.

The error was caused by improper buffer overflow handling. A buffer is a low-level region of physical memory storage, which is used to temporarily store information. When reading from or writing to a buffer, many programming languages don’t automatically check that the amount of data you are trying to read or write to matches the size of the buffer. If there is no check, a hacker could read more information than fits in the buffer to access information they are not supposed to. This is the buffer overflow problem that led to so much private data being compromised in the Heartbleed incident.

So how do you prevent the bug?

There are several ways to avoid the bug. One is to simply use a programming language that protects against these vulnerabilities. Java, Python, and .NET for example are strongly typed and have built in checking for these type of issues within the compiler. If a weakly typed language such as C must be used, safe platform-specific functions can be used, such as Microsoft’s “strcpy_s” and “strcat_s” functions.

Finally, if no platform-specific functions are available, you can manually check input and output data by truncating the information to the desired length and adding a null terminating character. For example, say that if a user enters “foo” in a serial terminal, the program should respond “bar”. Since the user input string and the output string should both have a length of 3 characters, only the first three characters should be stored in a buffer and a null terminator should be added onto the end. This prevents crashes from user input larger than the buffer size, and also prevents too much data from being read.

-- BA