C/C++ Security Checklist

Security Checklist for C/C++ Programs

C and C++ are two of the most-used languages for applications and system programming. This security checklist, written for security auditors and secure development practitioners, provides a wide range of security issues to look for when reviewing C and C++ code. It covers both language-specific bug classes and environment-specific security issues spanning the Linux and Windows operating systems, including usermode applications and kernelmode drivers. While no checklist can be exhaustive, we hope that this document serves as a strong starting point for the most common and impactful security issues that may be found in C and C++ code.

Bug classes
Linux usermode
Linux kernel
Windows usermode
Windows kernel
Seccomp/BPF
This content is licensed under a Creative Commons Attribution 4.0 International license.