SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 47

changes.mady.by.user Steve Christey

Saved on

compared with

New Version 48

changes.mady.by.user Justin Pincar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Other Languages

This rule appears in the C++ Secure Coding Standard as MSC06-CPP. Be aware of compiler optimization when dealing with sensitive data.

References

Wiki Markup
\[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 6.7.3, "Type qualifiers"
\[[US-CERT|https://buildsecurityin.us-cert.gov/daisy/bsi-rules/home/g1/771.html]\] "MEMSET"
\[[MITRE 07|AA. C References#MITRE 07]\] [CWE ID 14|http://cwe.mitre.org/data/definitions/14.html], "Compiler Removal of Code to Clear Buffers"
\[[MSDN|AA. C References#MSDN]\] "[SecureZeroMemory|http://msdn.microsoft.com/en-us/library/aa366877.aspx]"
\[[MSDN|AA. C References#MSDN]\] "[Optimize (C/C++)|http://msdn.microsoft.com/en-us/library/chh3fb0k(VS.80).aspx]"
\[[Wheeler 03|AA. C References#Wheeler 03]\] [Section 11.4|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/protect-secrets.html], "Specially Protect Secrets (Passwords and Keys) in User Memory"

...