SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 23

changes.mady.by.user Pennie Walters

Saved on

compared with

New Version 24

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by NavBot (jp)

...

Wiki Markup
See [MEM06-C. Ensure that sensitive data is not written out to disk|MEM06-C. Ensure that sensitive data is not written out to disk].
While using a password, consider storing its hash instead of plaintext. Use the hash for comparisons and other purposes. The following code \[[Viega 01|AA. C References#Viega 01]\] illustrates this:

...

  1. Be aware of compiler optimization when erasing memory (see MSC06-C. Be aware of compiler optimization when dealing with sensitive data).
  2. Wiki Markup
    Use secure erase methods specified in US Department of Defense Standard 5220 \[[DOD 5220|AA. C References#DOD 5220]\] or Peter Gutmann's paper \[[Gutmann 96|AA. C References#Gutmann 96]\].

...

Wiki Markup
\[[DOD 5220|AA. C References#DOD 5220]\]
\[[Gutmann 96|AA. C References#Gutmann 96]\]
\[[Lewis 06|AA. C References#Lewis 06]\]
\[[Viega 01|AA. C References#Viega 01]\]

...

      49. Miscellaneous (MSC)