more broken link fixes

This commit is contained in:
Huzaifa Sidhpurwala 2021-09-22 10:16:00 +05:30
parent b14c0857dc
commit 3cc4533ad1
6 changed files with 10 additions and 10 deletions

View file

@ -50,7 +50,7 @@ but strongly discouraged
These primitives are difficult to use in a secure way. Custom These primitives are difficult to use in a secure way. Custom
implementation of security protocols should be avoided. For implementation of security protocols should be avoided. For
protecting confidentiality and integrity of network protecting confidentiality and integrity of network
transmissions, TLS should be used (<<chap-Defensive_Coding-TLS>>). transmissions, TLS should be used (xref:../features/Features-TLS.adoc#chap-Defensive_Coding-TLS[Transport Layer Security]).
In particular, when using AES in CBC mode, it is necessary to In particular, when using AES in CBC mode, it is necessary to
add integrity checking by other means, preferably using add integrity checking by other means, preferably using

View file

@ -9,7 +9,7 @@ In this chapter, we discuss general file system manipulation, with
a focus on access files and directories to which an other, a focus on access files and directories to which an other,
potentially untrusted user has write access. potentially untrusted user has write access.
Temporary files are covered in their own chapter, <<chap-Defensive_Coding-Tasks-Temporary_Files>>. Temporary files are covered in their own chapter, xref:../tasks/Tasks-Temporary_Files.adoc#chap-Defensive_Coding-Tasks-Temporary_Files[Temporary Files].
[[sect-Defensive_Coding-Tasks-File_System-Unowned]] [[sect-Defensive_Coding-Tasks-File_System-Unowned]]
== Working with Files and Directories Owned by Other Users == Working with Files and Directories Owned by Other Users

View file

@ -126,7 +126,7 @@ Several attributes are global and affect all code in the
process, not just the library that manipulates them. process, not just the library that manipulates them.
* environment variables * environment variables
(see <<sect-Defensive_Coding-Tasks-secure_getenv>>) (see xref:../tasks/Tasks-Processes.adoc#sect-Defensive_Coding-Tasks-secure_getenv[Accessing Environment Variables])
* umask * umask

View file

@ -10,7 +10,7 @@ include::{partialsdir}/entities.adoc[]
This section describes how to create new child processes in a This section describes how to create new child processes in a
safe manner. In addition to the concerns addressed below, there safe manner. In addition to the concerns addressed below, there
is the possibility of file descriptor leaks, see <<sect-Defensive_Coding-Tasks-Descriptors-Child_Processes>>. is the possibility of file descriptor leaks, see xref:../tasks/Tasks-Descriptors.adoc#sect-Defensive_Coding-Tasks-Descriptors-Child_Processes[Preventing File Descriptor Leaks to Child Processes].
=== Obtaining the Program Path and the Command-line Template === Obtaining the Program Path and the Command-line Template

View file

@ -13,7 +13,7 @@ robustly in languages which are not memory-safe.
[[sect-Defensive_Coding-Tasks-Serialization-Decoders]] [[sect-Defensive_Coding-Tasks-Serialization-Decoders]]
== Recommendations for Manually-written Decoders == Recommendations for Manually-written Decoders
For C and C++, the advice in <<sect-Defensive_Coding-C-Pointers>> applies. In For C and C++, the advice in xref:../programming-languages/C-Language.adoc#sect-Defensive_Coding-C-Pointers[Recommendations for Pointers and Array Handling] applies. In
addition, avoid non-character pointers directly into input addition, avoid non-character pointers directly into input
buffers. Pointer misalignment causes crashes on some buffers. Pointer misalignment causes crashes on some
architectures. architectures.
@ -107,7 +107,7 @@ reject fragments which are inconsistent.
fragments against the unfragmented PDU length (if they are fragments against the unfragmented PDU length (if they are
present). Check that the last byte in the fragment does not present). Check that the last byte in the fragment does not
lie after the end of the unfragmented PDU. Avoid integer lie after the end of the unfragmented PDU. Avoid integer
overflows in these computations (see <<sect-Defensive_Coding-C-Arithmetic>>). overflows in these computations (see xref:../programming-languages/C-Language.adoc#sect-Defensive_Coding-C-Arithmetic[Recommendations for Integer Arithmetic]).
[[sect-Defensive_Coding-Tasks-Serialization-Fragmentation-ID]] [[sect-Defensive_Coding-Tasks-Serialization-Fragmentation-ID]]
=== Fragment IDs === Fragment IDs

View file

@ -8,13 +8,13 @@ In this chapter, we describe how to create temporary files and
directories, how to remove them, and how to work with programs directories, how to remove them, and how to work with programs
which do not create files in ways that are safe with a shared which do not create files in ways that are safe with a shared
directory for temporary files. General file system manipulation directory for temporary files. General file system manipulation
is treated in a separate chapter, <<chap-Defensive_Coding-Tasks-File_System>>. is treated in a separate chapter, xref:../tasks/Tasks-File_System.adoc#chap-Defensive_Coding-Tasks-File_System[File System Manipulation].
Secure creation of temporary files has four different aspects. Secure creation of temporary files has four different aspects.
* The location of the directory for temporary files must be * The location of the directory for temporary files must be
obtained in a secure manner (that is, untrusted environment obtained in a secure manner (that is, untrusted environment
variables must be ignored, see <<sect-Defensive_Coding-Tasks-secure_getenv>>). variables must be ignored, see xref:../tasks/Tasks-Processes.adoc#sect-Defensive_Coding-Tasks-secure_getenv[Accessing Environment Variables).
* A new file must be created. Reusing an existing file must be * A new file must be created. Reusing an existing file must be
avoided (the `/tmp` race avoided (the `/tmp` race
@ -71,7 +71,7 @@ temporary file. You should specify the
to subprocesses. (Applications which do not use multiple threads to subprocesses. (Applications which do not use multiple threads
can also use `mkstemp`, but libraries should can also use `mkstemp`, but libraries should
use `mkostemp`.) For determining the use `mkostemp`.) For determining the
directory part of the file name pattern, see <<chap-Defensive_Coding-Tasks-Temporary_Files-Location>>. directory part of the file name pattern, see <<chap-Defensive_Coding-Tasks-Temporary_Files-Location>>
The file is not removed automatically. It is not safe to rename The file is not removed automatically. It is not safe to rename
or delete the file before processing, or transform the name in or delete the file before processing, or transform the name in
@ -151,7 +151,7 @@ the [option]`-rf` and [option]`--` options.
There are two ways to make a function or program which excepts a There are two ways to make a function or program which excepts a
file name safe for use with temporary files. See file name safe for use with temporary files. See
<<sect-Defensive_Coding-Tasks-Processes-Creation>>, xref:../tasks/Tasks-Processes.adoc#sect-Defensive_Coding-Tasks-Processes-Creation[Creating Safe Processes]
for details on subprocess creation. for details on subprocess creation.
* Create a temporary directory and place the file there. If * Create a temporary directory and place the file there. If