Let's Parse to Prevent Pwnage presented at 5th USENIX Workshop on Large-Scale Exploits and Emergent Threats 2012

by Mike Samuel, Ulfar Erlingsson

Tags: Data Confusion Parsing

URL: https://www.usenix.org/lets-parse-prevent-pwnage

Summary: Software that processes rich content suffers from endemic security vulnerabilities. Frequently, these bugs are due to data confusion: discrepancies in how content data is parsed, composed, and otherwise processed by different applications, frameworks, and language runtimes. Data confusion often enables code injection attacks, such as cross-site scripting or SQL injection, by leading to incorrect assumptions about the encodings and checks applied to rich content of uncertain provenance. However, even for well-structured, value-only content, data confusion can critically impact security, e.g., as shown by XML signature vulnerabilities [12].
This paper advocates the position that data confusion can be effectively prevented through the use of simple mechanisms—based on parsing—that eliminate ambiguities by fully resolving content data to normalized, clearly-understood forms.
Using code injection on the Web as our motivation, we make the case that automatic defense mechanisms should be integrated with programming languages, application frameworks, and runtime libraries, and applied with little, or no, developer intervention. We outline a scalable, sustainable approach for developing and maintaining those mechanisms. The resulting tools can offer comprehensive protection against data confusion, even when multiple types of rich content data are processed and composed in complex ways.