SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 20

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 21

changes.mady.by.user Glenn Stroz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Wiki Markup
See [MEM06-C. Ensure that sensitive data is not written out to disk|MEM06-C. Ensure that sensitive data is not written out to disk].
While using a password, consider storing its hash instead of plaintext. Use the hash for comparisons and other purposes. The following code \[[Viega 01|AA. C References#Viega 01]\] illustrates this:

Code Block
bgColor#ccccff

int validate(char *username) {
  char *password;
  char *checksum;
  password = read_password();
  checksum = compute_checksum(password);
  erase(password);  /* securely erase password */
  return !strcmp(checksum, get_stored_checksum(username));
}

...

      49. Miscellaneous (MSC)      Image Modified