Jump to content

Guidelines for the Use of the C Language

Recommended Posts

If you program (or plan to program) in C, MISRA (Wikipedia) sells a document titled Guidelines for the Use of the C Language in Critical Systems (Wikipedia).


I found that to be a well-though-out source of information for general secure coding techniques. It focuses on embedded usage, but most of the principles apply generally. The document includes the guidelines themselves, rationale and example code as well.


What included are really things that should be natural and evident for all C programmers (embedded or not), but (in my experience) sadly courses or books dealing with security stuff are either few and far between or are too focused on one particular system/environment (certainly not embedded). This is a very condensed representation of the whys and hows of the pitfalls and the way to avoid them all of us should have been taught in school (or should be in a new edition of K&R at the very least). It will not make you an expert overnight, but it will be eye-opening.


If you are a C beginner, some of the items may be overwhelming (or outright scary); if you are a seasoned veteran, there still might be angles you have not thought of before. Some of it is definitely an overkill for a hobbyist, but following the general principle might help one not burning the barn or irrigating a new Lake Victoria in the back yard :).


The current version (MISRA C2) deals with C89 only; MISRA C3 (which will include C99 constructs as well) is said to come later this year, so blackmailing Santa might be a good idea :).


I am not a frequent standards buyer, but I figure that GBP10 (+tax, if applies), for which you get a 100+ page PDF document (watermarked to your name) borders on impulse buying for a document of this kind.


(Apart from having bought it, not affiliated with them.)

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...