Reputation: 14729
C++: what are the most common vulnerabilities and how to avoid them?
As I code, I try to be security-conscious all the time. The problem is that I need to know what to look for and what to prevent.
Is there a list somewhere of the most common (C++) software vulnerabilities and how to avoid them?
What about C++ software for specific uses, e.g. a linux console software or a web application?
Upvotes: 22
Views: 10823
Answers (3)
Reputation: 79901
Many resources are available, some in question are:
- SEI CERT C++ Coding Standard
- SEI CERT C Coding Standard
- The more language-agnostic Writing Secure Code book from Microsoft Press (funny, I know)
- David Wheeler's Secure Programming in Linux/Unix
Upvotes: 17
Reputation: 1259
There are also problems such as 1. Segmentation Fault 2. Memory Leak 3. Memory Allocation errors, etc that might be of your concern...
Upvotes: 2
Reputation: 37930
This site may have links to what you are looking for:
http://www.deitel.com/ResourceCenters/Programming/C/CSecurity/tabid/1549/Default.aspx
I guess I'll add that one of the most common problems in C and C++ is buffer overflow:
http://en.wikipedia.org/wiki/Buffer_overflow#Use_of_safe_libraries
For that, use only functions that check boundaries, like strncpy() instead of strcpy().
Upvotes: 5
Related Questions
- Design problems in C++
- C++ Code Possible Issues
- What are some C++ related idioms, misconceptions, and gotchas that you've learnt from experience?
- Includes causing problems in c++. How to learn to do c++ right
- Some unexplained errors in C++
- C++ exception safety paranoia: how much is too much?
- C++ few beginner errors
- What are the potential security vulnerabilities? C++
- common errors and fixes in C++
- Most common reasons for unstable bugs in C++?