US government warns against C and C++ code
In a new report, published in February 2024 by the White House, the government has prompted software developers to move away from programming languages that cause buffer overflows and other memory-related vulnerabilities.
The paper is exploring the existing reactive approach toward cybersecurity and the potential burden on users. In essence – it emphasizes the need for adopting proactive approaches to cybersecurity, mostly focusing around eliminating entire classes of vulnerabilities rather than just patching known ones.
The administration has introduced the Executive Order 14028 along with the National Cybersecurity Strategy – these advocate for rebalancing the responsibility and prioritizing long-term investments toward cybersecurity. They highlight the importance of cooperation between government, the industry, and the technical community in achieving these goals.
Quick overview
The paper emphasizes taking proactive measures to eliminate entire groups of existing software vulnerabilities. In particular, it suggests that manufacturers should publish CVEs data (Common Vulnerability and Exposures) and focus on CWE (Common Weakness Enumeration) to help better understand the prevalence of issues.
The paper also suggests using so-called memory-safe programming languages to mitigate such vulnerabilities. It identifies this approach as the most efficient, while exploring complementary approaches, including utilizing memory-safe hardware and implementing formal methods in some specific cases.
Memory safe programming languages
Addressing cybersecurity typically begins with the programming language being used – by incorporating modern features (for example memory safety), software products inherently become more secure and reliable.
Talking about existing products, adopting memory-safe coding languages through strategic, hybrid approaches – focusing around first rewriting high-risk components – can diminish the incidence of potential security risks. That means moving away from using C and C++ use in the first place.
The adoption of memory-safe programming languages is now both feasible and even strongly recommended. These ones being advised include C#, Rust, Java, JavaScript, Swift, and Ruby.
Formal methods
Testing alone isn’t enough to eliminate software vulnerabilities.
Formal methods that use mathematical techniques to prove software security are considered more reliable. The report mentions several formal methods, including sound static analysis, model checking, and so-called assertion-based testing, each offering different benefits in detecting software vulnerabilities.
Formal methods can be directly integrated into workflows, thus allowing for automated security verification. What’s more, using these when approaching software development further eliminates software vulnerabilities. Formal methods can accelerate the adoption of technology and streamline its safety and trustworthiness. According to the report, it’s a complementary approach to facilitate proactive cybersecurity and minimize potential vulnerabilities alongside switching to memory-safe programming languages.
Proactive cybersecurity
Transitioning from reactive to proactive cybersecurity involves engaging a much wider range of stakeholders. That means not only the CISO (Chief Information Security Officer), but also CIOs (Chief Information Officers) and the CTOs (Chief Technology Officers).
This approach suggests creating a cybersecurity quality metric to facilitate shared responsibility across roles. And that frames around three dimensions: software development, further analysis and testing, and execution. The first two dimensions, which reflect the inherent software quality, are of special interest for CIOs and CTOs. Meanwhile CISOs, while concerned with all three dimensions, should focus on creating resilient environments to mitigate potential vulnerabilities and their negative impact.
Security vulnerabilities to expect dealing with С/С++ applications
Buffer overflow
The most common problem, buffer overflow, can occur when programs write data beyond set buffer bounds. This vulnerability can be easily exploited to execute arbitrary code, overwrite data, or crash the application.
Integer overflow and underflow
Integer overflow and underflow mostly occurs when the integer value:
- Either exceeds the maximum representable value
- Or fails to meet the minimum representable value
This vulnerability might cause unexpected behavior, which includes memory corruption and breaches.
Injection attacks
Such attacks involve inserting malicious code into programs to execute unintended commands or actions, thereby allowing unauthorized access.
Pointer initialization
Improper initialization can cause use-after-free and double-free access, as well as uninitialized memory access, thereby allowing security breaches and leakage.
Is this the moment to ditch С/С++ applications?
A secure, risk-based approach towards refactoring
Migrating legacy C/C++ codebases is generally considered impractical and eventually economically unfeasible. When converting legacy code, business leaders might struggle with handling platform-specific adaptation, dependency management, performance optimization, and serious security concerns.
Abto Software sees one possible solution in refactoring high-risk components.
This strategy is recommended in scenarios with the following conditions:
- The codebase contains components being susceptible to common security vulnerabilities
- The codebase is well-structured and modular, so isolating and refactoring high-risk components without impacting overall functionality is easier
- Full-scale migration requires resources being prohibitive or impractical
- Risk mitigation is the topmost priority, so refactoring is favored as the secure approach to addressing security vulnerabilities if compared to migration
Explore our recent takes on handling legacy modernization:
Large-scale adoption of memory-safe programming languages
Migrating outdated C/C++ applications might require significant resources and present several challenges – legacy complexities, insufficient documentation, platform dependencies, and addressing business continuity. However, keeping legacy code and delaying migration projects might cause even more serious problems – security vulnerabilities (data breaches, malware infections, and more), compatibility challenges, and even regulatory non-compliance.
If you’re thinking about ditching your legacy codebase, no problem – Abto Software has the required expertise to help you out, from in-depth business analysis to refactoring and reengineering, and everything in between.
When entering into projects with similar technical complexities, we prioritize:
- Feasibility assessment – when approaching application migration, we evaluate the codebase (architecture, dependencies, critical functionality) to determine the scope and objectives
- Risk management and planning – when handling app migration, we prioritize thought-out strategies and cover risk management and planning to outline project timeline and budget, required resources, and responsibilities
- Code conversion – during legacy application migration, we convert existing code to the target platform using industry best practices
- Code finalization – handling legacy software migration, we always make sure to review and refine converted code to address any issues and inconsistencies
- Acceptance testing and improvement – comprehensive testing, feedback gathering, and iterations
- Quality assurance and deployment – at the final stage, we ensure application stability through careful quality assurance and execute the deployment, which includes data migration, server configuration, and performing compatibility testing in the production environment
Explore our recent projects associated with legacy migration:
How we can help
Abto Software empowers leaders moving towards embracing transformation by leveraging proven expertise. From in-depth legacy evaluation to planning, execution, validation, post-deployment maintenance, and support, our teams can cover it all.
Contact us to examine your legacy C/C++ programs and choose a strategy that suits your goals.
We handle:
- Platform migration
- Cloud migration
- Code refactoring and reengineering
- Performance optimization, and more
To deliver:
- Improved performance
- Enhanced functionality and scalability
- Data security
- Ensured compatibility
