Secure C++ coding practices

Shinnok · Jan 24, 2011 · Viewed 7.9k times

I am looking for a comprehensive record of secure coding practices in C++. Since I haven't found such a list existing here already, we might as well make this into a community wiki, for further reference. I am looking for solutions to security issues like stack- and heap-based buffer overflows and underflows, integer overflows and underflows, format string attacks, null pointer dereferencing, heap/memory inspection attacks, etc.

NB: Besides coding practices, secure libraries that defend against these kinds of attacks are worth mentioning too.

LE: As suggested by MSalters in the comments, this question has been split into two separate questions, one for C++ and one for C. Also see Secure C coding practices.

Answer

klynch · Jan 24, 2011

The book Writing Secure Code (only sample pages in this link) is very good at explaining security issues and how to avoid them. The book has been out for a while, but most of the topics covered are still relevant.