
Commit 64b949e

Update README.rst
1 parent abe35df commit 64b949e


2 files changed, +47 -0 lines changed

Root/Security/README.rst

3 Bytes


Root.Security Parent Index
Sibling aspects Metadata Redundancy Smell Spelling

Security

This aspects checks for code with flaws (or security weaknesses) in your codebase.

Subaspects

This aspect does not have any sub aspects.

Example

char buf[1024];
ssizet_t len;
if ((len = readlink("/modules/pass1", buf, sizeof(buf)-1)) != -1)
    buf[len] = '';

Importance

Security weaknesses can enable malicious users to bypass access controls in order to obtain unauthorized privileges, which may result in:

  • Data loss or corruption
  • Denial of access
  • Complete host system takeover

How to fix this

Some few ways to reduce the chance of a vulnerability being used against a system are: the use methods that check on availability of memory prior to writing, the eradication of null field access and null method call, the eradication of redundant condition (condition whose result depends on which part is executed first) etc...
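
Review bot: the C snippet under Example will not compile as written: `ssizet_t` should be `ssize_t`, and `''` is an empty character constant where the terminator `'\0'` is presumably meant. The section should also say which weakness the snippet illustrates. Reading at most `sizeof(buf)-1` bytes and checking the result against -1 before writing `buf[len]` is the bounded form of the `readlink` call, so a reader cannot tell whether this is offered as the flawed code or the fixed code.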

Root/Security/README2.rst

Lines changed: 47 additions & 0 deletions
@@ -0,0 +1,47 @@
1+
+-------------------+----------------------------+------------------------------------------------------------------+
2+
| ``Root.Security`` | `Parent <../README.rst>`_ | `Index <//github.com/coala/aspect-docs/blob/master/README.rst>`_ |
3+
+-------------------+----------------------------+------------------------------------------------------------------+
4+
5+
+---------------------+--------------------------------------+------------------------------------------+--------------------------------+--------------------------------------+
6+
| **Sibling aspects** | `Metadata <../Metadata/README.rst>`_ | `Redundancy <../Redundancy/README.rst>`_ | `Smell <../Smell/README.rst>`_ | `Spelling <../Spelling/README.rst>`_ |
7+
+---------------------+--------------------------------------+------------------------------------------+--------------------------------+--------------------------------------+
8+
9+
Security
10+
========
11+
This aspects checks for code with flaws (or security weaknesses) in your
12+
codebase.
13+
14+
Subaspects
15+
==========
16+
17+
This aspect does not have any sub aspects.
18+
19+
Example
20+
=======
21+
22+
.. code-block:: C
23+
24+
char buf[1024];
25+
ssizet_t len;
26+
if ((len = readlink("/modules/pass1", buf, sizeof(buf)-1)) != -1)
27+
buf[len] = '';
28+
29+
30+
Importance
31+
==========
32+
33+
Security weaknesses can enable malicious users to bypass access controls
34+
in order to obtain unauthorized privileges, which may result in:
35+
36+
* Data loss or corruption
37+
* Denial of access
38+
* Complete host system takeover
39+
40+
How to fix this
41+
===============
42+
43+
Some few ways to reduce the chance of a vulnerability being used
44+
against a system are: the use methods that check on availability of
45+
memory prior to writing, the eradication of null field access and null
46+
method call, the eradication of redundant condition (condition whose
47+
result depends on which part is executed first) etc...
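
Review bot: the added file is Root/Security/README2.rst while the commit message says "Update README.rst"; if this text is meant to replace README.rst it should land in that file rather than in a second copy beside it. In the "How to fix this" paragraph (lines 43-47), "redundant condition (condition whose result depends on which part is executed first)" defines a race condition, not a redundant one, and "the use methods" is missing "of". Line 11 should read "This aspect checks". The three remedies would also be easier to scan as a bullet list like the one under Importance than as one sentence ending in "etc...".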
