Do any of you folks who spend most of your time writing code in C or C++ specifically address security vulnerabilities in your code? What I mean by this is, do you actively audit your code, test, and check for buffer overflows, unsanitized user input, and other common security flaws? Does anyone have favorite resources which are essentially a checklist of what to look for? I've found a few myself and I was aware of most of them, but I figure I'd ask here because I know there are quite a few native devs here.
One of the benefits I seem to have discovered of spending most of my time writing native code these days is that most of these security problems are sorta built in to my "peripheral vision" so-to-speak while coding... Like for me, the second I start to write a "string" I'm already thinking about the null terminator... Likewise, when I write a for-loop I am paying close attention to the number of times it will execute vs. the number of times I need it to execute, etc... But I suppose one who is used to higher-level languages and then jumping into C occasionally may be more susceptible to opening up security holes in C.
Thanks.