C Secure Coding Tasks, Skills and Knowledge

Calendar

Quicksearch

Blog Administration

C Secure Coding Tasks, Skills and Knowledge

Saturday, January 17. 2009

GSSP (GIAC Secure Software Programmer): C Secure Coding Tasks, Skills and Knowledge

/*
This is a PDF file from the SANS Institute on secure C-coding practices.
From the PDF...
*/

This document enumerates common C coding tasks and identifies rules, recommendations, and guidelines for accomplishing these tasks securely.

/*
A lot of the material I've seen so far has been common-sense stuff (input validation, mistrust of environment variables, etc), but it's nice having it in a form not unlike a checklist. You write a new function or new class, and then run down the list; making sure you've followed each item. There's also one of these for Java ("booo") and .Net ("hisssssss").

Weighing in at only 10 pages, I think this one is worth wasting dead trees on.
*/

Posted by TJE in Articles, C, Cryptography/Privacy, News, Programming at 04:04

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as (Linear | Threaded)

No comments

The author does not allow comments to this entry

C Secure Coding Tasks, Skills and Knowledge

forkb0mb.org

Calendar

Quicksearch

Categories

Archives

Blog Administration

C Secure Coding Tasks, Skills and Knowledge

Saturday, January 17. 2009