I'm not quite sure what you are looking for but if it is the "stupid little
mistakes" that you often don't notice, I'll give you one of my favorites.
I will preface this with my current clients do not allow 100% free form so I
am still stuck using old school D Specs.
I am amazed at how many times I add a standalone variable below a data
structure and forget to put the S in column 24 (declaration type) and it is
now part of the data structure above it.
-----Original Message-----
From: RPG400-L <rpg400-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Dave
Sent: Wednesday, March 3, 2021 5:07 PM
To: rpg400-l@xxxxxxxxxxxxxxxxxx
Subject: Secure coding practices
Hi,
I'm looking to create some examples of secure vs non-secure code in RPG.
I'm not finding it easy to come up with my own. I guess the most basic would
be not checking the indicator after a chain operation, for example.
But nobody does that(!) Then I thought of a few things that tend to bite you
on the backside after a few weeks like a DS not initialized or nested DO's
with file reads that both use %EOF without specifying the file name.
But that only happens when you don't test properly. Anyone got any ideas?
TIA!
--
This is the RPG programming on IBM i (RPG400-L) mailing list To post a
message email: RPG400-L@xxxxxxxxxxxxxxxxxx To subscribe, unsubscribe, or
change list options,
visit:
https://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives at
https://archive.midrange.com/rpg400-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.
Help support midrange.com by shopping at amazon.com with our affiliate link:
https://amazon.midrange.com
midrange.com
