C++: what are the most common vulnerabilities and how to avoid them?

As I code, I try to be security-conscious all the time. The problem is that I need to know what to look for and what to prevent.

Is there a list somewhere of the most common (C++) software vulnerabilities and how to avoid them?

What about C++ software for specific uses, e.g. Linux console software or a web application?


Many resources are available, some in question are:

  • SEI CERT C++ Coding Standard
  • SEI CERT C Coding Standard
  • The more language-agnostic Writing Secure Code book from Microsoft Press (funny, I know)
  • David Wheeler's Secure Programming in Linux/Unix


This site may have links to what you are looking for:

http://www.deitel.com/ResourceCenters/Programming/C/CSecurity/tabid/1549/Default.aspx


I guess I'll add that one of the most common problems in C and C++ is buffer overflow:

http://en.wikipedia.org/wiki/Buffer_overflow#Use_of_safe_libraries

For that, use only functions that check boundaries, like strncpy() instead of strcpy().
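
An added example, not part of the answer above: `strncpy()` bounds the write, but when the source is as long as or longer than the buffer it leaves no terminating NUL, so the result still needs a check. The helper names (`is_terminated`, `raw_strncpy_terminates`, `copy_bounded`) and the inputs are constructed for this illustration.

```cpp
// Added example: strncpy() bounds the write but does not guarantee a
// terminating NUL. Helper names are hypothetical, inputs are constructed.
#include <cstddef>
#include <cstdio>
#include <cstring>

// Returns true if dst[0..cap) contains a NUL, i.e. dst is a valid C string.
bool is_terminated(const char *dst, std::size_t cap) {
    return std::memchr(dst, '\0', cap) != nullptr;
}

// Raw strncpy(): writes at most cap bytes, but when strlen(src) >= cap it
// fills dst completely and leaves no terminator.
bool raw_strncpy_terminates(const char *src) {
    char dst[8];
    std::memset(dst, 'X', sizeof dst);       // make stale contents visible
    std::strncpy(dst, src, sizeof dst);
    return is_terminated(dst, sizeof dst);
}

// Bounded copy that always terminates and reports truncation, so the caller
// can reject over-long input rather than silently use a cut-off value.
// Returns true only if all of src fit in dst.
bool copy_bounded(char *dst, std::size_t cap, const char *src) {
    if (dst == nullptr || cap == 0) return false;
    if (src == nullptr) { dst[0] = '\0'; return false; }
    std::size_t len = std::strlen(src);
    std::size_t n = (len < cap) ? len : cap - 1;
    std::memcpy(dst, src, n);
    dst[n] = '\0';
    return len < cap;
}

int main() {
    const char *longer = "AAAAAAAAAAAA";      // constructed input, 12 chars
    char buf[8];
    std::printf("strncpy terminated (short): %d\n", raw_strncpy_terminates("abc"));
    std::printf("strncpy terminated (long):  %d\n", raw_strncpy_terminates(longer));
    bool fit = copy_bounded(buf, sizeof buf, longer);
    std::printf("copy_bounded fit=%d result=\"%s\"\n", fit, buf);
    return 0;
}
```

In C++ code that does not need a fixed C buffer, `std::string` avoids the manual bookkeeping altogether.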


There are also problems such as 1. segmentation faults, 2. memory leaks, 3. memory allocation errors, etc., that might be of concern to you...
