  SQL Server Tips by Burleson

Avoiding buffer overflows

There are no definitive solutions to this problem, but it is very important to consider security issues when coding. You should also test and review the code with security concerns in mind.

Here are some ideas:

  • Define limits (bounds) for the size of buffers and never let the size come directly or indirectly from the input.

  • Verify that the limits are not violated before accessing the buffer.

  • Use string and memory functions that require an explicit size limit (for example strncpy instead of strcpy).

  • Use functions that limit the input data size (for example fgets instead of scanf).

  • Use strlen carefully because the terminating null character ('\0') might be missing.

  • Be careful with functions that do not null-terminate the destination string.

  • Use tools to scan for vulnerabilities, for example:

      • RATS: a source code review tool that understands C, C++, Python, Perl, and PHP.

      • Splint: a tool for statically checking C programs for security vulnerabilities.

      • ITS4: a static vulnerability scanner for C and C++ code.
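The following C sketch is an added example, not code from the book. It combines several of the points above: a fixed buffer bound, a limit check before the buffer is touched, a length scan that tolerates a missing terminator, and explicit termination after strncpy. The names NAME_SIZE, bounded_len and copy_checked are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define NAME_SIZE 16   /* fixed bound chosen by the program, never taken from input */

/* Length of s, examining at most max bytes. Returns max when no '\0' is
   found, so a missing terminator cannot drive a read past the buffer
   (plain strlen would keep scanning). */
size_t bounded_len(const char *s, size_t max)
{
    const char *end = memchr(s, '\0', max);
    return end ? (size_t)(end - s) : max;
}

/* Copy at most src_max bytes of src into dst (dst_size bytes).
   Returns 0 on success, -1 if the data does not fit; dst is always
   terminated when dst_size > 0. */
int copy_checked(char *dst, size_t dst_size, const char *src, size_t src_max)
{
    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    size_t len = bounded_len(src, src_max);
    if (len >= dst_size)          /* verify the limit before touching dst */
        return -1;
    strncpy(dst, src, len);       /* explicit size; strncpy adds no '\0' here */
    dst[len] = '\0';              /* so terminate explicitly */
    return 0;
}

int main(void)
{
    char name[NAME_SIZE];
    /* Constructed sample input: 20 bytes with no terminating '\0'. */
    char raw[20];
    memset(raw, 'A', sizeof raw);

    printf("oversized: %d\n", copy_checked(name, sizeof name, raw, sizeof raw));
    printf("fits:      %d \"%s\"\n",
           copy_checked(name, sizeof name, "sa", 3), name);
    return 0;
}
```

Oversized input is rejected rather than silently truncated, which avoids acting on a partial value.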

The above book excerpt is from:

Super SQL Server Systems
Turbocharge Database Performance with C++ External Procedures

ISBN: 0-9761573-2-2
Joseph Gama, P. J. Naughter  


 Copyright © 1996 -2017 by Burleson. All rights reserved.
