There are tools such as static analysers and Todd and Theo's talk on strl*, porting security guidelines etc., and many books (that may or may not recommend C++ ;-)), and even Ada to C conversion, but with added worries about compilers and obfuscation, or the Go language where applicable, but is there a particular reference many recommend or use to brush up for secure C coding, in a fashion akin to K&R's "C bible" being recommended by past threads for learning C and referencing?
--
_______________________________________________________________________

'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface'

(Doug McIlroy)

In Other Words - Don't design like polkit or systemd
_______________________________________________________________________

I have no idea why RTFM is used so aggressively on LINUX mailing lists because whilst 'apropos' is traditionally the most powerful command on Unix-like systems its 'modern' replacement 'apropos' on Linux is a tool to help psychopaths learn to control their anger.

(Kevin Chadwick)
_______________________________________________________________________