C++: what are the most common vulnerabilities and how to avoid them?

This site may have links to what you are looking for:

http://www.deitel.com/ResourceCenters/Programming/C/CSecurity/tabid/1549/Default.aspx


I guess I'll add that one of the most common problems in C and C++ is buffer overflow:

http://en.wikipedia.org/wiki/Buffer_overflow#Use_of_safe_libraries

For that, use only functions that check boundaries, like strncpy() instead of strcpy().


There are also problems such as 1. Segmentation Fault 2. Memory Leak 3. Memory Allocation errors, etc that might be of your concern...


Many resources are available, some in question are:

  • SEI CERT C++ Coding Standard
  • SEI CERT C Coding Standard
  • The more language-agnostic Writing Secure Code book from Microsoft Press (funny, I know)
  • David Wheeler's Secure Programming in Linux/Unix

Tags:

C++