Content deleted Content added
m →Other Tips to Secure Your Code: added dashes |
m clean up, typo(s) fixed: occured → occurred |
||
Line 34:
// Copy input without exceeding the length of the destination.
strncpy(str, input, sizeof(str));
// If strlen(input) >= sizeof(str) then strncpy won't null terminate.
Line 152:
** You cannot prove the security of any code in [[userland (computing)|userland]], or, more commonly known as: ''"never trust the client"''.
These three rules about data security describe how to handle any data, internally or externally sourced:
'''All data is important until proven otherwise''' - means that all data must be verified as garbage before being destroyed.
'''All data is tainted until proven otherwise''' - means that all data must be handled in a way that does not expose the rest of the runtime environment without verifying integrity.
'''All code is insecure until proven otherwise''' - while a slight misnomer, does a good job reminding us to never assume our code is secure as bugs or [[Undefined Behavior]] may expose the project or system to attacks such as common [[SQL injection]] attacks.
Line 165:
* [[Assertion (computing)|Assertions]] (also called '''assertive programming''')
* Prefer [[Exception handling|exceptions]] to return codes
** Generally speaking, it is preferable to throw exception messages that enforce part of your [[application programming interface|API]] [[Design by contract|contract]] and guide the developer instead of returning error code values that do not point to where the exception
==See also==
| |||