Revision as of 15:51, 25 February 2002 edit Conversion script (talk \| contribs) 10 edits m Automated conversion ← Previous edit		Revision as of 20:24, 26 February 2002 edit undo Darius Bacon (talk \| contribs) 60 edits mNo edit summary Next edit →
Line 1: ~~Some~~Here ~~hints~~are ~~how~~some ~~should~~hints ~~you~~on ~~code~~coding to avoid security problems. Many of these techniques also improve general quality of code., because almost any major bug can be potentially used by a [[cracker]] infor a [[Denial of Service]] or other attack.▼ ~~That's because almost any major bug can be potentially used by a [[cracker]]~~ ▲in [[Denial of Service]] or other attack. <i>Please expand this article. These random notes should be changed to a more coherent article.</i> One of the the most common problems is ~~usage~~unchecked use of constant-size structures and functions for dynamic-size data (the [[buffer overflow]] problem). This is especially ~~usual problems~~common for [[string]] data in [[C]]. You should never use functions like <tt>~~sprintf~~gets</tt> and <tt>~~strcpy~~scanf</tt>. Never make your code more complex ~~that~~than necessary. Complexity isbreeds ~~very~~bugs, ~~common~~including ~~source~~security ~~of bugs,~~problems. ~~including security problems.~~ Either leave your code available to everyone on the Net (see [[Free software]]) Line 27 ⟶ 25: If you check data for correctness, check if it's correct, not if it is incorrect. ~~Cracker~~Crackers are likely to invent new kinds of ~~incorect~~incorrect data. For example, if you checked if a requested file is not "/etc/passwd", a cracker might pass ~~other~~another name of this file, like "/etc/../etc/passwd".

Defensive programming: Difference between revisions