Revision as of 21:44, 8 September 2004 edit Michael Hardy (talk \| contribs) Administrators 210,577 edits No edit summary ← Previous edit		Revision as of 00:28, 15 September 2004 edit undo Gadfium (talk \| contribs) Autopatrolled, Administrators 177,365 edits m Fix link Next edit →
Line 12: * One of the most common problems is unchecked use of constant-size structures and functions for dynamic-size data (the [[buffer overflow]] problem). This is especially common for [[string]] data in [[C programming language\|C]]. C library functions like <tt>gets</tt> and <tt>scanf</tt> should never be used since the maximum size of the input buffer is not passed as an argument. * Never make code more complex than necessary. Complexity breeds bugs, including security problems. * Either leave the code available to everyone on the Net (see [[Free software]] or [[~~open~~Open ~~source~~Source ~~definition~~Definition]]) or hire someone who will perform a software [[security audit]]. * If possible, reuse code instead of writing from scratch. * Encrypt all important data transmitted over networks.

Defensive programming: Difference between revisions