Most software vulnerabilities are the result of small but recurring programming errors that could easily be avoided if programmers learned to recognize them and understand their potential harm. In particular, the C and C++ programming languages have proved highly susceptible to these classes of errors. This knowledge area of the Build Security In web site describes coding practices that can be used to mitigate these common problems in C and C++.
Most of the documents in this knowledge area are excerpted from the CERT book Secure Coding in C and C++, written by Robert C. Seacord with contributions from other members of the CERT Coordination Center. The mitigation strategies included in this knowledge area deal primarily with vulnerabilities resulting from programming errors in string manipulation, integer operations, and dynamic memory management. For a more complete description of common programming errors and the resulting vulnerabilities, please see Secure Coding in C and C++.
Secure coding requires an understanding of the common programming errors that lead to software vulnerabilities, together with knowledge and use of alternative approaches that are less error prone. Secure coding also benefits from the proper use of software development tools, including compilers. Compilers typically have options that enable additional or more specific diagnostics to be performed on code during compilation. Resolving these warnings (by correcting the problem or determining that the warning is superfluous) can improve the security of your deployed software system. Compilers can also provide options that influence runtime behavior, such as the /GS flag in Microsoft Visual Studio. Understanding the available compiler options and making informed decisions about which to use and which to omit can help eliminate vulnerabilities and mitigate runtime exploitation of undiscovered or unresolved vulnerabilities. An example of using compiler checks to mitigate integer vulnerabilities is described in Compiler Checks. Examples of using other static and dynamic analysis tools to discover and mitigate vulnerabilities are described in Runtime Analysis Tools and Heap Integrity Detection.
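The following is an added illustration written for this page; it is not code from the CERT book or from the BSI documents. It shows the kind of integer-operation error that the compiler checks above are meant to catch in the context of dynamic memory management: an element count multiplied by an element size silently wraps in size_t, so an unchecked computation can request a far smaller buffer than the caller intends. The checked version refuses the allocation instead. The build flags named in the comment (GCC/Clang -Wall -Wextra -Wconversion -fstack-protector-strong, MSVC /W4 /GS) are assumptions for the reader; the page itself mentions only /GS.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed build flags (not stated on the page):
 *   GCC/Clang: -Wall -Wextra -Wconversion -fstack-protector-strong
 *   MSVC:      /W4 /GS
 * The diagnostics flag narrowing conversions; the stack protector options
 * add runtime checks against stack-buffer overruns. */

/* Unchecked size computation: size_t multiplication wraps modulo SIZE_MAX+1,
 * so an oversized count can yield a tiny allocation and a later heap overflow
 * when the caller writes 'count' elements into it. */
static size_t unchecked_array_bytes(size_t count, size_t elem_size)
{
    return count * elem_size;
}

/* Checked multiplication: returns 1 and stores count*elem_size in *out when
 * the product fits in size_t; returns 0 and leaves *out untouched when it
 * would wrap. The division form avoids performing the overflowing multiply. */
static int checked_mul_size(size_t count, size_t elem_size, size_t *out)
{
    if (count != 0 && elem_size > SIZE_MAX / count) {
        return 0;
    }
    *out = count * elem_size;
    return 1;
}

/* Allocation helper that refuses to allocate when the byte count overflows.
 * Returns NULL on overflow or on allocation failure; callers must check. */
static void *safe_alloc_array(size_t count, size_t elem_size)
{
    size_t bytes;
    if (!checked_mul_size(count, elem_size, &bytes)) {
        return NULL;
    }
    return malloc(bytes);
}

int main(void)
{
    /* Constructed example: a count chosen so that count*elem_size wraps. */
    size_t hostile_count = SIZE_MAX / 2 + 1;   /* 2^63 on a 64-bit size_t */
    size_t elem = 4;

    printf("unchecked bytes requested: %zu\n",
           unchecked_array_bytes(hostile_count, elem)); /* wraps to 0 */

    void *p = safe_alloc_array(hostile_count, elem);
    printf("checked allocation: %s\n", p == NULL ? "refused" : "granted");
    free(p);

    /* Ordinary sizes still work. */
    int *ints = safe_alloc_array(16, sizeof *ints);
    printf("16 ints: %s\n", ints == NULL ? "failed" : "allocated");
    free(ints);
    return 0;
}
```

The check in checked_mul_size is the same test that calloc performs internally, which is why preferring calloc(count, size) over malloc(count * size) is a common mitigation for this error; the explicit helper is useful when the product feeds something other than an allocator, such as a length passed to memcpy.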
Each mitigation strategy is described in terms of its security, performance, availability, ease of use, and other known quality attributes. We do not attempt to describe the conditions under which one mitigation strategy is preferred to another. Instead, we assume that you (the customer of the information) know what your requirements and constraints are and can make an appropriate selection based on your analysis of this information and the information contained in the referenced resources.
Dynamic Memory Management
Documents in this section were authored by Robert C. Seacord and Daniel Plakosh. Documents were reviewed by Shawn Hernan, Michael Howard, and Steve Lipner of Microsoft, Jeffrey Voas of SAIC, and Gary McGraw of Cigital. Editing was performed by Pamela Curtis of the SEI.
Seacord, Robert C. Secure Coding in C and C++. Boston, MA: Addison Wesley Professional, 2005 (ISBN 0321335724).
Copyright © Carnegie Mellon University 2005-2012.
This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at firstname.lastname@example.org.
The Build Security In (BSI) portal is sponsored by the U.S. Department of Homeland Security (DHS), National Cyber Security Division. The Software Engineering Institute (SEI) develops and operates BSI. DHS funding supports the publishing of all site content.
THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE IS FURNISHED ON AN "AS-IS" BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.