Difference between revisions of "Cpp Coding Standards/SECURITY/BuffOver"
From Apache OpenOffice Wiki
(Initial revision) |
m |
||
| Line 1: | Line 1: | ||
| − | Check range and validity of buffers before you write into them. Always pass buffer sizes to functions. Always check buffer limits in loops, and don't rely on special markers in data that might come from the outside. Don't use functions that don't have a buffer size argument (see [[ | + | Check range and validity of buffers before you write into them. Always pass buffer sizes to functions. Always check buffer limits in loops, and don't rely on special markers in data that might come from the outside. Don't use functions that don't have a buffer size argument (see [[../UnsafeFunc|unsafe functions]]). A malicious attacker would otherwise be able to write into memory that might later directly or indirectly execute hostile code. |
See also David Wheeler's excellent [http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html Secure Programming for Linux and Unix HOWTO]. | See also David Wheeler's excellent [http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html Secure Programming for Linux and Unix HOWTO]. | ||
Revision as of 16:07, 1 December 2006
Check range and validity of buffers before you write into them. Always pass buffer sizes to functions. Always check buffer limits in loops, and don't rely on special markers in data that might come from the outside. Don't use functions that don't have a buffer size argument (see unsafe functions). A malicious attacker would otherwise be able to write into memory that might later directly or indirectly execute hostile code.
See also David Wheeler's excellent Secure Programming for Linux and Unix HOWTO.
