Secure C coding practices

Question

I am looking for a comprehensive record of secure coding practices in C. Since i haven't found such a list existing here already we might as well make this into a community wiki, for further reference. I am looking for solutions to security issues like stack and heap based buffer overflows and underflows, integer overflows and underflows, format string attacks, null pointer dereferencing, heap/memory inspection attacks, etc..

NB: Besides coding practices, secure libraries that defend against these kind of attacks are worth mentioning too.

LE: As seen in this question Secure C++ coding practices but for C only.

Answer 1

The CERT C "de facto" standard is fairly well-known and addresses these issues at some extent:

SEI CERT C Coding Standard

There should be several static analyzers on the market that supports CERT C.

Answer 2

Same answer Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More

From the description:

Readers will learn:

• How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems

• How to properly SSL-enable applications

• How to create secure channels for client-server communication without SSL

• How to integrate Public Key Infrastructure (PKI) into applications Best practices for using cryptography properly Techniques and strategies for properly validating input to programs

• How to launch programs securely

• How to use file access mechanisms properly

• Techniques for protecting applications from reverse engineering