How to do secure coding and create secure software.
From: Amit
Date: Mon Mar 10 2025 - 02:51:05 EST
I can do secure coding and no one can hack my code. You can challenge me on
this.
Ultimately, all software boils down to functions/methods. If the functions/methods
are secure, then the whole software is secure.
I am listing the three main points of secure coding below. These points are
applicable to all languages.
1. The first point is that all the arguments to your function should always be
checked to see whether they are in the allowed range, even if your function is
called from other trusted functions. The value of a function argument should not
be unbounded; it should lie within a bounded range. For example, you can specify
that a string argument accepts at most 1024 characters. Then you have to check
whether the length of the string is less than or equal to 1024 (for this, you
will have to write your own strlen() function; you can't depend on the strlen()
function of any library, because the library's version will keep counting until
it finds a '\0' character, and by then your program may crash). If you are
using the C language, you can use the strnlen() function. The code will be
"len = strnlen(str, 1025); if (len == 1025) { return error; }". Similarly, your
'int' arguments, 'float' arguments, etc. should also have a valid range. Also,
always check whether a pointer argument is NULL or not.
2. Avoid using global variables. In object-oriented languages, avoid using public
variables as much as possible. In the C language you should also avoid global
variables, but if you need some, make them 'static' so that they are not
visible outside the file.
3. Don't expose all functions/methods to the user. Expose only those functions/
methods that the user will actually need; the rest of the functions/methods should
be private/protected in object-oriented languages and static in the C language.
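A C example that applies all three points to one small module (added here as an
illustration; it is not code from the original post, and the names store_record,
MAX_NAME_LEN, try_name_of_length and the STORE_* error codes are hypothetical):

```c
#define _POSIX_C_SOURCE 200809L   /* strnlen() is a POSIX function */
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Point 1: every argument gets an explicit, bounded range. */
#define MAX_NAME_LEN 1024
#define MIN_AGE 0
#define MAX_AGE 150

enum store_result {
    STORE_OK = 0,
    STORE_ERR_NULL = -1,      /* pointer argument was NULL */
    STORE_ERR_TOO_LONG = -2,  /* string longer than MAX_NAME_LEN */
    STORE_ERR_RANGE = -3      /* int argument outside [MIN_AGE, MAX_AGE] */
};

/* Point 2: the only file-level variable is static, so other files cannot see it. */
static int records_stored = 0;

/* Point 3: a helper the caller does not need is static (file-private). */
static int age_in_range(int age)
{
    return age >= MIN_AGE && age <= MAX_AGE;
}

/* The one exposed function: checks each argument before using it. */
int store_record(const char *name, int age)
{
    size_t len;

    if (name == NULL)
        return STORE_ERR_NULL;

    /* strnlen() stops after MAX_NAME_LEN + 1 bytes, so it never scans past
     * the allowed range even if the buffer has no terminator. */
    len = strnlen(name, MAX_NAME_LEN + 1);
    if (len == MAX_NAME_LEN + 1)
        return STORE_ERR_TOO_LONG;

    if (!age_in_range(age))
        return STORE_ERR_RANGE;

    records_stored++;
    return STORE_OK;
}

int stored_count(void)
{
    return records_stored;
}

/* Test helper: builds a name of n characters (capped at MAX_NAME_LEN + 1)
 * and tries to store it, to probe the length boundary. */
int try_name_of_length(size_t n)
{
    char buf[MAX_NAME_LEN + 2];
    if (n > MAX_NAME_LEN + 1)
        n = MAX_NAME_LEN + 1;
    memset(buf, 'a', n);
    buf[n] = '\0';
    return store_record(buf, 30);
}

int main(void)
{
    printf("%d\n", store_record("alice", 30));   /* 0: accepted */
    printf("%d\n", store_record(NULL, 30));      /* -1: NULL pointer */
    printf("%d\n", store_record("bob", 200));    /* -3: age out of range */
    printf("%d\n", try_name_of_length(1024));    /* 0: exactly at the limit */
    printf("%d\n", try_name_of_length(1025));    /* -2: one over the limit */
    return 0;
}
```

The bound passed to strnlen() is one more than the maximum allowed length, so a
return value equal to that bound means the string is too long, exactly as the
inline snippet above describes.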
Now, an opposing argument may be that checking all the function arguments will
take more time, but because of the very fast processors available these days,
it will not take noticeable time. On a 1 GHz processor, you can execute 1 Gig
(2^30, or 10^9 for simplicity) instructions per second. So, if you are checking
a pointer for NULL, it will be around 10 instructions, or let's say maybe 100
instructions. So, this will take only one tenth of a microsecond (10^-7 seconds).
So, the time consumed in checking arguments is not a big issue.
In my opinion, if you follow these points then your function/software will be
secure. I follow these points and my functions/software are fully secure; they
can't be hacked.