Revision as of 09:46, 8 February 2021 edit 83.77.42.203 (talk) →Offensive programming: fixed typo ← Previous edit		Revision as of 14:55, 10 June 2021 edit undo Jonesey95 (talk \| contribs) Autopatrolled, Extended confirmed users, Page movers, Mass message senders, Template editors 410,387 edits m Fix Linter errors. Next edit →
Line 143: ===Other techniques=== <!-- Please expand this article. These random notes should be changed to a more coherent article. --> * One of the most common problems is unchecked use of constant-size structures and functions for dynamic-size data (the [[buffer overflow]] problem). This is especially common for [[string (computer programming)\|string]] data in [[C (programming language)\|C]]. C library functions like <ttcode>gets</ttcode> should never be used since the maximum size of the input buffer is not passed as an argument. C library functions like <ttcode>scanf</ttcode> can be used safely, but require the programmer to take care with the selection of safe format strings, by sanitizing it before using it. * Encrypt/authenticate all important data transmitted over networks. Do not attempt to implement your own encryption scheme, but use a proven one instead. * All [[data]] is important until proven otherwise.

Defensive programming: Difference between revisions