Chapter 5
Writing Secure Code
What's in This Chapter?
Running a Static Security analysis
Tracking the status of security problems throughout the life of a project
Understanding the programming practices that can leave your code vulnerable to attack
Many security threats take advantage of weaknesses introduced in programs written in C or C++. The weak type checking and the ability to write programs that directly access memory and hardware make it easy to write insecure programs. Most attacks fall into one of two categories:
- Threats that crash or overwhelm an application
- Threats that hijack the code path by inserting foreign code
The Intel compiler's Static Security analysis detects many of these code weaknesses, displaying the results in Intel Inspector XE. More than 250 different errors are detected in the following categories:
- Buffer overflows and boundary violations
- Uninitialized variables and objects
- Memory leaks
- Incorrect usage of pointers and dynamically allocated memory
- Dangerous use of unchecked input
- Arithmetic overflow and divide by zero
- Dead or redundant code
- Misuse of string, memory, and formatting library routines
- Inconsistent object declarations in different program units
- Incorrect use of OpenMP and Intel Cilk Plus
- Error-prone C++ and Fortran language usage
This chapter discusses how to use Intel Parallel Studio XE to perform Static Security analysis on your code. The primary goal of Static Security analysis is to harden applications against security attacks, but ...
Get Parallel Programming with Intel® Parallel Studio XE now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.