Secure Coding Standard

The strongSwan project adheres to the following recommendations and rules proposed by the CERT C Secure Coding Standard:

(This is a work in progress. Through inspection of our code, the Check Adherence items must first be assigned to one of the other three categories. We then intend to move the recommendations and rules in the Partial Adherence category to Full Adherence by fixing our code in those places where we don't adhere yet.)

Preprocessor (PRE)

Full Adherence

Partial Adherence

Check Adherence

No Adherence

Declarations and Initialization (DCL)

Full Adherence

Partial Adherence

Check Adherence

No Adherence

Expressions (EXP)

Full Adherence

Partial Adherence

Check Adherence

No Adherence

Integers (INT)

Full Adherence

Partial Adherence

Check Adherence

Floating Point (FLP)

Arrays (ARR)

Characters and Strings (STR)

Memory Management (MEM)

Input Output (FIO)

Environment (ENV)

Signals (SIG)

Error Handling (ERR)

Application Programming Interfaces (API)

Concurrency (CON)

Miscellaneous (MSC)

POSIX (POS)