SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 46

changes.mady.by.user Will Snavely

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Do not hard code sensitive data in programs.

Hard coding sensitive data is considered very bad programming practice because it enforces the requirement of the development environment to be secureSee MSC41-C. Never hard code sensitive information for details.

Disable memory dumps.

Memory dumps are automatically created when your program crashes. They can contain information stored in any part of program memory. Therefore, memory dumps should be disabled before an application is shipped to users. See MEM06-C. Ensure that sensitive data is not written out to disk for details.

...

If sensitive data is not handled correctly in a program, an attacker can gain access to it.

Recommendation

Severity

Likelihood

Remediation Cost

Priority

Level

MSC18-C

Medium

Probable

Medium

P8

L2

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Automated Detection

ToolVersionCheckerDescription
CodeSonar
Include Page
CodeSonar_V
CodeSonar_V

HARDCODED.AUTH

HARDCODED.KEY

HARDCODED.SALT

MISC.

CRYPTO

PWD.

NOPAD

PLAIN

MISC.PWD.

PLAIN

PLAINTRAN

Hardcoded Authentication

Hardcoded Crypto Key

Hardcoded Crypto Salt

Encryption without Padding

Plaintext Storage of Password

Plaintext

Storage of Password

Transmission of Password

PC-lint Plus

Include Page
PC-lint Plus_V
PC-lint Plus_V

586

Partially supported: reports functions that read passwords from the user or that take a password as an argument instead of prompting the user as well as insecure password erasure

Polyspace Bug Finder
R2016a

Include Page
Polyspace Bug Finder_V
Polyspace Bug Finder_V

CERT C: Rec. MSC18-C


Checks for:

  • Constant or predictable block cipher initialization vector
  • Constant or predictable cipher key
  • Sensitive heap memory not cleared before release
  • Uncleared sensitive data in stack
  • Unsafe standard encryption function

Sensitive data not cleared or released by memory routine

Variable in stack is not cleared and contains sensitive data

Function is not reentrant or uses a risky encryption algorithm

Rec. partially covered.

Related Guidelines

CERT Oracle Secure Coding Standard for JavaMSC03-J. Never hard code sensitive information
CERT C Secure Coding StandardMSC41-C. Never hard code sensitive information
MITRE CWECWE-259, Use of Hard-coded Password
CWE-261, Weak Cryptography for Passwords
CWE-311, Missing encryption of sensitive data
CWE-319, Cleartext Transmission of Sensitive Information
CWE-321, Use of Hard-coded Cryptographic Key
CWE-326, Inadequate encryption strength
CWE-798, Use of hard-coded credentials

Bibliography

[DOD 5220]Standard 5220
[Gutmann 1996]"Secure Deletion of Data from Magnetic and Solid-State Memory"
[Lewis 2006]"Security Considerations when Handling Sensitive Data"
[Viega 2001]"Protecting Sensitive Data in Memory"

...


...

Image Modified Image Modified Image Modified