Secure Coding
Some tips for being careful when developing code:
- Read complier errors AND warnings
- Check return values for errors
- Check pointers for NULL
- Initialize pointers to NULL
- Free memory when it is no longer needed
- Max sizes on strings, containers
- Compare variables of different sizes/signedness
The Power of 10¶
The ten rules are1:
- Avoid complex flow constructs, such as goto and recursion.
- All loops must have fixed bounds. This prevents runaway code.
- Avoid heap memory allocation.
- Restrict functions to a single printed page.
- Use a minimum of two runtime assertions per function.
- Restrict the scope of data to the smallest possible.
- Check the return value of all non-void functions, or cast to void to indicate the return value is useless.
- Use the preprocessor sparingly.
- Limit pointer use to a single dereference, and do not use function pointers.
- Compile with all possible warnings active; all warnings should then be addressed before release of the software.