Secure Coding Standard » History » Version 2
Andreas Steffen, 27.05.2013 17:13
Added first PRE rules
| 1 | 1 | Andreas Steffen | h1. Secure Coding Standard |
|---|---|---|---|
| 2 | 1 | Andreas Steffen | |
| 3 | 1 | Andreas Steffen | The strongSwan project adheres to the following rules recommended by the "CERT C Secure Coding Standard":https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Secure+Coding+Standard: |
| 4 | 1 | Andreas Steffen | |
| 5 | 1 | Andreas Steffen | h2. Preprocessor (PRE) |
| 6 | 1 | Andreas Steffen | |
| 7 | 2 | Andreas Steffen | h3. Full Adherence |
| 8 | 2 | Andreas Steffen | |
| 9 | 2 | Andreas Steffen | * "PRE03-C. Prefer typedefs to defines for encoding types":https://www.securecoding.cert.org/confluence/display/seccode/PRE03-C.+Prefer+typedefs+to+defines+for+encoding+types |
| 10 | 2 | Andreas Steffen | |
| 11 | 2 | Andreas Steffen | * "PRE04-C. Do not reuse a standard header file name":https://www.securecoding.cert.org/confluence/display/seccode/PRE04-C.+Do+not+reuse+a+standard+header+file+name |
| 12 | 2 | Andreas Steffen | |
| 13 | 2 | Andreas Steffen | h3. Partial Adherence |
| 14 | 2 | Andreas Steffen | |
| 15 | 2 | Andreas Steffen | * "PRE00-C. Prefer inline or static functions to function-like macros ":https://www.securecoding.cert.org/confluence/display/seccode/PRE00-C.+Prefer+inline+or+static+functions+to+function-like+macros |
| 16 | 2 | Andreas Steffen | |
| 17 | 2 | Andreas Steffen | * "PRE01-C. Use parentheses within macros around parameter names":https://www.securecoding.cert.org/confluence/display/seccode/PRE01-C.+Use+parentheses+within+macros+around+parameter+names |
| 18 | 2 | Andreas Steffen | |
| 19 | 2 | Andreas Steffen | * "PRE02-C. Macro replacement lists should be parenthesized":https://www.securecoding.cert.org/confluence/display/seccode/PRE02-C.+Macro+replacement+lists+should+be+parenthesized |
| 20 | 2 | Andreas Steffen | |
| 21 | 1 | Andreas Steffen | h2. Declarations and Initialization (DCL) |
| 22 | 1 | Andreas Steffen | |
| 23 | 1 | Andreas Steffen | h2. Expressions (EXP) |
| 24 | 1 | Andreas Steffen | |
| 25 | 1 | Andreas Steffen | h2. Integers (INT) |
| 26 | 1 | Andreas Steffen | |
| 27 | 1 | Andreas Steffen | h2. Floating Point (FLP) |
| 28 | 1 | Andreas Steffen | |
| 29 | 1 | Andreas Steffen | h2. Arrays (ARR) |
| 30 | 1 | Andreas Steffen | |
| 31 | 1 | Andreas Steffen | h2. Characters and Strings (STR) |
| 32 | 1 | Andreas Steffen | |
| 33 | 1 | Andreas Steffen | h2. Memory Management (MEM) |
| 34 | 1 | Andreas Steffen | |
| 35 | 1 | Andreas Steffen | h2. Input Output (FIO) |
| 36 | 1 | Andreas Steffen | |
| 37 | 1 | Andreas Steffen | h2. Environment (ENV) |
| 38 | 1 | Andreas Steffen | |
| 39 | 1 | Andreas Steffen | h2. Signals (SIG) |
| 40 | 1 | Andreas Steffen | |
| 41 | 1 | Andreas Steffen | h2. Error Handling (ERR) |
| 42 | 1 | Andreas Steffen | |
| 43 | 1 | Andreas Steffen | h2. Application Programming Interfaces (API) |
| 44 | 1 | Andreas Steffen | |
| 45 | 1 | Andreas Steffen | h2. Concurrency (CON) |
| 46 | 1 | Andreas Steffen | |
| 47 | 1 | Andreas Steffen | h2. Miscellaneous (MSC) |
| 48 | 1 | Andreas Steffen | |
| 49 | 1 | Andreas Steffen | h2. POSIX (POS) |