Security/ReviewTopics: Difference between revisions

No edit summary
Line 56: Line 56:


== C and C++ ==
== C and C++ ==
* Did you minimize use of unsafe languages?
* Did you minimize and isolate use of low-level constructs (manual allocation, manual refcounting, union tricks such as bit-stealing, and pointer arithmetic)?
* Did you minimize and isolate use of low-level constructs (manual allocation, manual refcounting, union tricks such as bit-stealing, and pointer arithmetic)?
* Are new C++ files on the no-compiler-warnings list?
* Are new C++ files on the no-compiler-warnings list?
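Review bot: Dropping "Did you minimize use of unsafe languages?" leaves this section with no item that asks whether C or C++ was the right choice at all; the surviving "minimize and isolate use of low-level constructs" item only covers how the unsafe parts are contained once the language is already chosen. If the intent is to avoid redundancy, fold the two into one question (e.g. "Did you minimize use of unsafe languages, and minimize and isolate low-level constructs within them?") rather than removing the language-choice question outright.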
Line 62: Line 61:
* Do you use [http://mxr.mozilla.org/mozilla-central/source/xpcom/ds/CheckedInt.h CheckedInt] where integer overflows could be an issue?
* Do you use [http://mxr.mozilla.org/mozilla-central/source/xpcom/ds/CheckedInt.h CheckedInt] where integer overflows could be an issue?
* Does the code use assertions to make it easier to catch bugs?
* Does the code use assertions to make it easier to catch bugs?
* Are the safety-critical invariants clear in the code and in your mind?
* Are the safety-critical invariants documented?
* What would make you more confident in the code's safety?
* What would make you more confident in the code's safety?
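Review bot: Replacing "clear in the code and in your mind?" with "documented?" makes the item reviewable (a reviewer can check for documentation, not for what is in the author's mind), but "documented" alone does not say where. Since the preceding item already asks about assertions, consider "Are the safety-critical invariants documented in the code, next to where they are relied on, and asserted where practical?" so the two items reinforce each other instead of reading as separate concerns.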