# C/C++ Secure Coding

| Language | Insecure Function               | Vulnerability                                   | Scenario                                                                           | Remediation/Secure Function                                |
| -------- | ------------------------------- | ----------------------------------------------- | ---------------------------------------------------------------------------------- | ---------------------------------------------------------- |
| C        | `strcpy`                        | Buffer Overflow                                 | A software application takes user input and stores it in a fixed-size buffer.      | `strncpy` with bounds checking and null termination        |
| C        | `gets`                          | Stack Buffer Overflow                           | A program reads user input into a stack buffer without bounds checking.            | `fgets` with bounds checking                               |
| C        | `malloc` with unchecked bounds  | Heap Buffer Overflow                            | A program allocates memory for user data but does not check the size of the input. | Check the input length against the allocated size before copying, and verify loop limits |
| C        | `strcpy`                        | Stack Buffer Overflow leading to Stack Smashing | A web server takes input from a request and copies it into a local stack buffer.   | `strncpy` with bounds checking and null termination        |
| C        | `system`                        | Command Injection                               | An application runs system commands based on user input.                           | Validate input strictly (e.g. against an allowlist of permitted characters) and build any command string with `snprintf` rather than unchecked concatenation |
| C        | Unchecked arithmetic operations | Integer Overflow                                | A program performs arithmetic operations without checking for overflow.            | Check arithmetic bounds and validate inputs                |
| C        | `printf`                        | Format String Vulnerability                     | A program prints user input directly using `printf`.                               | Pass user input as an argument to a fixed format string, e.g., `printf("%s", user_input)` |

#### String Handling Vulnerabilities

| Language | Insecure Function                  | Vulnerability   | Scenario                                                                      | Remediation/Secure Function                         |
| -------- | ---------------------------------- | --------------- | ----------------------------------------------------------------------------- | --------------------------------------------------- |
| C        | `strcpy`                           | Buffer Overflow | A software application takes user input and stores it in a fixed-size buffer. | `strncpy` with bounds checking and null termination |
| C        | `strncpy` without null termination | Buffer Overflow | A program uses `strncpy` but does not ensure null termination.                | Ensure null termination after `strncpy`             |
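The two rows above in working form, as an added example that is not part of the original page: a bounded copy that terminates unconditionally, next to a check showing the defect `strncpy` leaves behind when the source is as long as the buffer (function names and the sample strings are this example's own).

```c
#include <stddef.h>
#include <string.h>

/* Added example (not from the page). strncpy(dst, src, n) pads with '\0'
 * only when strlen(src) < n; when src is n bytes or longer it writes no
 * terminator, and a later strlen/printf runs off the end of the buffer.
 * Returns 0 on a full copy, 1 when the source was truncated, -1 on bad args. */
int safe_strcpy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    strncpy(dst, src, dst_size - 1);   /* leave room for the terminator */
    dst[dst_size - 1] = '\0';          /* terminate unconditionally */
    return strlen(src) >= dst_size ? 1 : 0;
}

/* Shows the defect the second row warns about: after a plain strncpy of
 * an over-long source the buffer contains no '\0' at all.
 * Returns 1 if the buffer is unterminated (the bug), 0 otherwise. */
int strncpy_leaves_unterminated(void)
{
    char buf[8];
    const char *src = "0123456789";    /* constructed: longer than buf */
    memset(buf, 'X', sizeof buf);      /* stand in for stale stack contents */
    strncpy(buf, src, sizeof buf);     /* copies 8 bytes, no terminator */
    return memchr(buf, '\0', sizeof buf) == NULL;
}
```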

#### Buffer Overflow

| Language | Insecure Function        | Vulnerability         | Scenario                                                                 | Remediation/Secure Function                           |
| -------- | ------------------------ | --------------------- | ------------------------------------------------------------------------ | ----------------------------------------------------- |
| C        | `gets`                   | Stack Buffer Overflow | A program reads user input into a stack buffer without bounds checking.  | `fgets` with bounds checking                          |
| C        | Manual memory management | Heap Buffer Overflow  | A program does not properly manage dynamic memory allocation and bounds. | Use safe memory allocation functions and check bounds |
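The `gets` to `fgets` replacement from the first row, as an added example that is not part of the original page: a line reader that bounds the read and also detects the truncated case, since a silently cut-off line is the usual follow-on bug (function names and the sample input are this example's own; the input is built with `tmpfile` so it runs offline).

```c
#include <stdio.h>
#include <string.h>

/* Added example (not from the page). gets() has no length argument and was
 * removed in C11; fgets() stops at size-1 bytes, but the caller must still
 * notice a truncated line or its remainder is read as the *next* input.
 * Returns 0 (full line), 1 (did not fit; rest discarded), -1 (EOF/error). */
int read_line(FILE *in, char *buf, size_t size)
{
    if (size < 2 || fgets(buf, (int)size, in) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';            /* strip the newline */
        return 0;
    }
    int c = fgetc(in);                  /* no newline: EOF or overflow? */
    if (c == EOF)
        return 0;
    while (c != EOF && c != '\n')       /* drop the oversize remainder */
        c = fgetc(in);
    return 1;
}

/* Constructed input stream for offline runs (tmpfile is standard C). */
static FILE *make_input(const char *text)
{
    FILE *f = tmpfile();
    if (f != NULL) {
        fputs(text, f);
        rewind(f);
    }
    return f;
}

/* Reads three constructed lines into an 8-byte buffer and returns how
 * many were truncated; the over-long line cannot spill into the next. */
int count_truncated_lines(void)
{
    FILE *in = make_input("short\nthis line is far too long\nlast\n");
    char buf[8];
    int truncated = 0, rc;
    if (in == NULL)
        return -1;
    while ((rc = read_line(in, buf, sizeof buf)) != -1)
        if (rc == 1)
            truncated++;
    fclose(in);
    return truncated;
}
```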

#### Integer Security

| Language | Insecure Function               | Vulnerability    | Scenario                                                                | Remediation/Secure Function                 |
| -------- | ------------------------------- | ---------------- | ----------------------------------------------------------------------- | ------------------------------------------- |
| C        | Unchecked arithmetic operations | Integer Overflow | A program performs arithmetic operations without checking for overflow. | Check arithmetic bounds and validate inputs |
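The bound checks the row calls for, as an added example that is not part of the original page: the tests run before the arithmetic, because signed overflow is undefined behaviour and an unsigned wrap silently yields a small value that then sizes an undersized allocation (function names and the sample values are this example's own).

```c
#include <limits.h>
#include <stdint.h>
#include <stdlib.h>

/* Added example (not from the page). Each check returns 1 and stores the
 * result, or 0 when the operation would overflow or wrap. */
int checked_add_int(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return 0;
    *out = a + b;
    return 1;
}

int checked_mul_size(size_t a, size_t b, size_t *out)
{
    if (a != 0 && b > SIZE_MAX / a)
        return 0;
    *out = a * b;
    return 1;
}

/* Typical bug shape: count * elem_size wraps to a small number, malloc
 * succeeds, and the fill loop that follows writes past the block. The
 * guarded version refuses instead (modern calloc implementations apply
 * the same check internally). */
void *alloc_array(size_t count, size_t elem_size)
{
    size_t bytes;
    if (!checked_mul_size(count, elem_size, &bytes))
        return NULL;                    /* product would have wrapped */
    return malloc(bytes);
}

/* Returns 1 if alloc_array rejects a request whose byte count wraps. */
int rejects_wrapping_request(void)
{
    size_t huge = SIZE_MAX / 2 + 2;     /* constructed: huge * 4 wraps */
    void *p = alloc_array(huge, 4);
    free(p);                            /* free(NULL) is a no-op */
    return p == NULL;
}
```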

#### Code Injection

| Language | Insecure Function | Vulnerability     | Scenario                                                 | Remediation/Secure Function                                |
| -------- | ----------------- | ----------------- | -------------------------------------------------------- | ---------------------------------------------------------- |
| C        | `system`          | Command Injection | An application runs system commands based on user input. | Validate input strictly (e.g. against an allowlist of permitted characters) and build any command string with `snprintf` rather than unchecked concatenation |
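The remediation in working form, as an added example that is not part of the original page: an allowlist validator for the user-supplied value, and a launcher that passes it as one `argv` entry through `execvp` so no shell ever parses it (function names are this example's own; it assumes a POSIX system where `ping` is on the PATH).

```c
#include <ctype.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Added example (not from the page). The vulnerable shape from the table:
 *     snprintf(cmd, sizeof cmd, "ping -c 1 %s", host); system(cmd);
 * system() hands cmd to /bin/sh, so shell metacharacters in host become
 * extra commands. Two layers are used instead: an allowlist, and an exec
 * with a fixed argv so the value is never parsed by a shell. */

/* Accepts only hostname characters and a sane length. A leading '-' is
 * refused as well, so the value cannot be read as an option by ping.
 * Returns 1 if acceptable, 0 otherwise. */
int is_valid_hostname(const char *host)
{
    size_t len = host ? strlen(host) : 0;
    if (len == 0 || len > 253 || host[0] == '-')
        return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)host[i];
        if (!isalnum(c) && c != '-' && c != '.')
            return 0;
    }
    return 1;
}

/* Runs a fixed program with host as a single argument. Returns the child's
 * exit status, or -1 when the input is rejected or spawning fails. */
int run_ping_safe(const char *host)
{
    if (!is_valid_hostname(host))
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* assumption: ping is on PATH; argv is fixed apart from host */
        char *const argv[] = { "ping", "-c", "1", (char *)host, NULL };
        execvp(argv[0], argv);
        _exit(127);                     /* exec failed */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```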

#### Exploiting Formatted Output Functions

| Language | Insecure Function | Vulnerability               | Scenario                                             | Remediation/Secure Function                             |
| -------- | ----------------- | --------------------------- | ---------------------------------------------------- | ------------------------------------------------------- |
| C        | `printf`          | Format String Vulnerability | A program prints user input directly using `printf`. | Pass user input as an argument to a fixed format string, e.g., `printf("%s", user_input)` |
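The fix from the table carried through, as an added example that is not part of the original page: user data goes in as an argument to a fixed format, a wrapper keeps that split for callers and lets the compiler enforce it, and a check confirms that conversion characters in the input come out literally (function names and the sample strings are this example's own).

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Added example (not from the page). The vulnerable shape from the table:
 *     void log_msg(const char *user) { printf(user); }
 * Every '%' in user is interpreted as a conversion, so the call reads
 * arguments that were never passed. The fix is a fixed format string
 * with the user data passed as an argument. */

/* Renders a user-supplied message into out. '%' sequences in msg are
 * copied literally because msg is an argument, never the format.
 * Returns the number of characters that would have been written. */
int render_user_message(char *out, size_t out_size, const char *user, const char *msg)
{
    return snprintf(out, out_size, "[%s] %s", user, msg);
}

/* Wrapper that keeps the format/argument split for callers. With the
 * format attribute (GCC/Clang extension), -Wformat and -Wformat-security
 * check the arguments and flag any call that passes a non-literal as fmt. */
#if defined(__GNUC__)
__attribute__((format(printf, 3, 4)))
#endif
int log_fmt(char *out, size_t out_size, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, out_size, fmt, ap);
    va_end(ap);
    return n;
}

/* Returns 1 if a message built from input containing conversion characters
 * came through unchanged, i.e. nothing was interpreted as a format. */
int format_sequences_are_literal(void)
{
    char out[64];
    const char *msg = "%x %x %n";      /* constructed: harmless as an argument */
    render_user_message(out, sizeof out, "alice", msg);
    return strcmp(out, "[alice] %x %x %n") == 0;
}
```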
