« ICANN Terminates EstDomains Registrar Accreditation due to Fraud, Money Laundering Convictions | Main | Agile SDL Streamline Security Practices For Agile Development »

Microsoft's Stance on Banned APIs

Microsoft has a blog entry on their mentality/process on banning certain API calls to improve their software's security.

"Jeremy Dallman here with a quick note about a code sanitizing tool we are making available to support one of the SDL requirements – Remove all Banned APIs from your code.

This requirement was put in place to prevent use of certain older C runtime functions that lead to buffer overrun flaws and have been deprecated. In the Security Development Lifecycle book, an entire chapter is dedicated to the topic of banned function calls. In the book, we also provide a copy of the banned.h header file on the companion CD. This header file allows you to locate any banned functions in your code.

On MSDN, we have document the SDL list of Banned Function Calls but the header file has not been publicly available outside the SDL book until now. Today, we are providing the banned.h header on the Microsoft Download Center.

Find the banned.h header here

By including this header file, then using #include “banned.h”; you will be able to locate any banned functions in your code. The full list of banned APIs is also included in the header file."

Read more: http://blogs.msdn.com/sdl/archive/2008/10/22/good-hygiene-and-banned-apis.aspx


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!