Prevent detects these and many other defects in C/C++ code

January 8, 2009, baoz

Critical Defects

Concurrency

  • Deadlocks
  • Race conditions
  • Blocking call misuse

Performance Degradation

  • Memory leaks
  • File handle leaks
  • Custom memory and network resource leaks
  • Database connection leaks

Crash-Causing Defects

  • Null pointer dereference
  • Use after free
  • Double free
  • Improper memory allocations
  • Mismatched array new/delete

Incorrect Program Behavior

  • Dead code caused by logical errors
  • Uninitialized variables
  • Invalid use of negative variables

Improper Use of APIs

  • STL usage errors
  • API error handling

Security Vulnerabilities

Secure Coding Defects

  • Buffer overflows
  • Integer overflows
  • Missing/insufficient validation of malicious data and string input
  • Format string vulnerabilities
  • SQL injection attacks
  • Cross-site scripting attacks

Defect Implications

  • Total system compromise
  • Denial of service attacks
  • Privilege escalation
  • Leaking confidential data
  • Data loss
  • Arbitrary code execution
