Secure Programming Flowchart.
Published on: 1188388160 (Unix timestamp, 29 August 2007)
Today I wanted to show the flowchart I use when I am programming or scripting new software. The chart on the left is how I mentally map out how to secure incoming user data. This organized flow of secure programming is something I taught myself over the years, and I am fairly convinced that if I stick to the exact flow, I end up with a relatively secure program. The chart follows a strict process; any deviation could lead to a security leak. It is basically structured like this:
Input raw data is first checked for presence, then its size is checked to prevent buffer overflows and off-by-one exploits. Once that decision is made, I check the data type: is it the expected data? If so, I decide whether to truncate it or handle it further. Then I either typecast it or escape it, so that I have a prepared data set to work on. Notice that all of this happens before I call native programming-language functions on the data: everything is done with plain ternary operations, with no functions involved, and everything is checked before it is passed through a function. The true/false icons are decision points: is the data what we expect, or not?
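As an added example that is not the author's chart or code, here is the same flow written out in PHP for two hypothetical form fields; the field names, the size limits and the use of the ctype and mbstring extensions are assumptions.

```php
<?php
// Added example, not the author's chart or code: the flow above walked through for two
// hypothetical form fields, "age" and "comment" (names and limits are assumptions).
// Order matters: presence -> size -> type -> truncate or handle -> typecast or escape,
// and only then does the value reach native functions that process it.
declare(strict_types=1);

const HARD_CAP_BYTES  = 4096; // assumed: anything larger is rejected outright
const MAX_COMMENT_LEN = 500;  // assumed: stored length, reached by truncation
const MAX_AGE_DIGITS  = 3;    // assumed: ages have at most three digits

/** Returns [int $age, string $escapedComment] or throws on unexpected input. */
function validateRequest(array $input): array
{
    // 1. Presence: the field must exist and be a string (PHP can deliver arrays via foo[]=).
    $age     = (isset($input['age'])     && is_string($input['age']))     ? $input['age']     : null;
    $comment = (isset($input['comment']) && is_string($input['comment'])) ? $input['comment'] : null;
    if ($age === null || $comment === null) {
        throw new InvalidArgumentException('missing or malformed field');
    }

    // 2. Size: bound the raw byte length before anything inspects the content.
    if (strlen($age) === 0 || strlen($age) > MAX_AGE_DIGITS) {
        throw new InvalidArgumentException('age: unexpected size');
    }
    if (strlen($comment) > HARD_CAP_BYTES) {
        throw new InvalidArgumentException('comment: unexpected size');
    }

    // 3. Type: is it the expected data? Decimal digits only; well-formed UTF-8 only.
    if (!ctype_digit($age)) {
        throw new InvalidArgumentException('age: not an integer');
    }
    if (!mb_check_encoding($comment, 'UTF-8')) {
        throw new InvalidArgumentException('comment: invalid UTF-8');
    }

    // 4. Truncate or handle further: cut on a byte boundary without splitting a
    //    multibyte sequence; age needs no truncation after step 2.
    $comment = strlen($comment) > MAX_COMMENT_LEN ? mb_strcut($comment, 0, MAX_COMMENT_LEN, 'UTF-8') : $comment;

    // 5. Typecast or escape: the cast is safe because step 3 proved the string is all digits;
    //    explicit flags and charset keep htmlspecialchars() from guessing the encoding.
    return [(int) $age, htmlspecialchars($comment, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')];
}

// Constructed sample request standing in for $_POST.
[$age, $safe] = validateRequest(['age' => '42', 'comment' => "<b>hi</b> & \"bye\""]);
var_dump($age, $safe);
```

Feeding it a field that arrives as an array, an over-long comment, or a non-digit age takes the false branch at the corresponding step and never reaches the cast or the escape call.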
You will probably notice that these are rigorous steps to follow, but if you want to program securely you basically have to follow them. This is, however, my own mental workflow, so don't rely on my chart. Invent your own, but remember that security is a process, and each step can either strengthen it or weaken it, so please don't deviate from the generally accepted secure code flow. By this I mean: pay attention to what you do first.
You might wonder why all this hassle. Well, it has been estimated that over half of PHP's native functions and code libraries are vulnerable to some degree to buffer over/underflows and (multibyte) encoding issues and mistakes, including but not limited to htmlspecialchars(), which we usually rely on to convert HTML to its entities.
That being said, as a PHP programmer I never pass anything verbatim through PHP's native functions anymore; I just don't trust them. That may seem paranoid to some, but I have learned enough by now to reach this conclusion. Instead, I make sure nothing gets through without my consent.
I hope you can use it, or that it inspires you to create your own algorithm.