Learning Basics of Rational Robot - IBM Test automation tool

7 Tips to be More Innovative in the Age of Agile Testing to Survive an Economic Crisis

Top 25 common programming bugs every tester should know

Posted In | Security testing, Testing Tips and resources, software testing links

Just a quick note to share a useful resource with you. Just came across a good article 25 common programming errors for software programmers and software testers. Basically this is more useful for programmers but I think software testers can get insight on how developers can unknowingly leave bugs in software programs.

Each bug listed in this resource can lead to serious software vulnerabilities if not fixed. The top 25 security bugs list will help programmers to avoid some common but serious coding mistakes. For software testers list will be useful as a security testing checklist for Internet as well as for testing desktop application.

Here are few top security vulnerabilities discussed in detail in this article:

  •  Improper input validation
  •  Improper escaping of output or encoding
  •  SQL injection
  •  Cross-site scripting
  •  Race conditions
  •  Information leak in error messages
  •  Error while transmitting sensitive information
  •  Memory leak
  •  External control of critical data and file paths
  •  Improper initialization
  •  Improper authorization
  •  Client side security checks

I think, the most common security vulnerability mistake developers make is “Client side enforcement of server side security”.

Check out below article so that you can at least help developers for improving their code standards ;-)

Top 25 common programming Errors




Related Posts:

  • Interesting posts on Software Testing Help
  • Software Testing Advice for Novice Testers
  • How to keep motivation alive in software testers?
  • Should companies charge the clients on the basis of number of bugs?
  • How to get your all bugs resolved without any ‘Invalid bug’ label?

    • 43 comments ↓

    #1 Rahul on 02.13.09 at 4:25 am

    I think what u had told is right. It is good article. Thank u.

    #2 Mehmood on 02.13.09 at 5:07 am

    hi
    its nice article.its very helpful fo all..

    thank u

    #3 srikanth on 02.13.09 at 8:36 am

    Yes, its a good information.

    #4 STE Stuff| Every Thing That Test Eng Needs on 02.13.09 at 1:48 pm

    Good information dude. Input validation will be the top prior one always.

    #5 Yogini on 02.13.09 at 7:36 pm

    Thanks vijay for posting the link. That is really a great cumulative post helpful for security testers.
    Keep posting such resources side by side.

    Keep going..

    #6 Priya on 02.14.09 at 6:33 am

    Really Helpful information.Thanks for the wonderful article.

    #7 Ajit on 02.15.09 at 5:39 pm

    This article is very usefull for all tester

    #8 Sridhar on 02.16.09 at 4:52 pm

    Great Article…Thanks for sharing

    #9 Ratnadeep on 02.17.09 at 9:36 am

    Very useful article.Keep up the good work.

    #10 Ahmad on 02.17.09 at 1:05 pm

    I LIKE IT…. THNX BUDDY

    #11 Vivek Kasat on 02.19.09 at 3:40 am

    Very Useful artical
    Thanks a lot :)

    #12 Mallikarjun on 02.25.09 at 1:16 pm

    Really wonderful information.It is very useful for testers as well as developrs also.

    #13 Saran on 02.28.09 at 8:09 am

    Hi Guys

    It’s Nice article,It gives a valuable information
    Thanks

    #14 Jamuna on 02.28.09 at 5:38 pm

    Very Informative…..Thanks!!!!

    #15 J.B.Rajkumar on 03.02.09 at 4:05 am

    This is a Good article for both developers and testing analysts. Thanks.

    #16 Inder P Singh on 03.02.09 at 4:55 pm

    My estimate is that new programming languages or newer versions of the existing ones would address these programming errors in future. In the meantime, the programmers should be alert for these errors.

    Inder P Singh

    #17 Rao on 03.02.09 at 9:42 pm

    This particular concept is giving the heads up to both the DEV & QA to minimize the defects and improve the qulity on common aspects.

    #18 soloman on 03.03.09 at 5:35 am

    hi
    this is QTP

    #19 Reema on 03.16.09 at 10:08 am

    Good one ..keep posting !!

    #20 sitaram on 03.19.09 at 12:40 pm

    This is a good article for all tester.

    #21 Jayshri on 03.23.09 at 12:31 pm

    Yes it’s really helpful to all, Actually i am already work on it. not our application is little bit safe but some time if system slow it’s throw server exception error where shows function or procedure name also i think it’s also harmful, but i am not prove it how it’s harmful so plz explain me if possible.

    #22 mandeep on 04.02.09 at 9:36 am

    hello every bady
    i done a SQT(Software quality testing) course from noida. if any bady which r present on this site and doing job in any company regard to testng then plz let me know .
    plz tell me about agile testing

    #23 priyanka on 04.06.09 at 9:36 am

    NIce article.

    #24 shanthakumar on 05.02.09 at 9:19 am

    wat is memory leaking?

    #25 Digicorp » Blog Archive » Top 25 Most Dangerous Programming Errors on 06.05.09 at 12:09 pm

    […] http://www.softwaretestinghelp...../#more-353 Category: Uncategorized  |  Comment (RSS)  |  Trackback […]

    #26 Namrata on 06.10.09 at 8:51 pm

    Good to know this information.

    #27 kien on 06.28.09 at 5:18 pm

    thank

    #28 xavier on 07.02.09 at 11:58 am

    Thanks for your information

    #29 Aman on 07.03.09 at 7:44 am

    Good Article for both developers & testers.

    #30 Sk on 07.16.09 at 1:00 pm

    hai , i m new to this website.its very good site.i m a
    Bsc fresher,i m interested to learn software testing in a
    training insitute in B’lore.
    i hav some Qs.Plz anyone answer…
    1)what is manual testing actually(in real time scenario)?
    2)is it learnable by fresh graduates?
    3)do we need to know any programming languages?
    also can anyone give me ebooks on manual/automation testing?.

    email: dwnlodking@ymail.com
    Thanks….

    #31 mandeep on 07.17.09 at 10:05 am

    hello. plz can any body give me the lists of north india IT companies.plz help me out i done mca and sqt(software quality testing) course.

    #32 Ahmad Adnan on 07.17.09 at 11:35 am

    it`s good buddy..

    thnx

    #33 nisha kamboj on 07.20.09 at 12:34 pm

    hello sir, i am new in testing and want to know how to write the test cases with proper format. though i write few one but i want to know the standard format…plz guide me..your site is really helpful for the person who are in testing..it provides valuable information…good job …

    thanks

    #34 Sanga on 07.21.09 at 9:40 am

    Hi,

    it is very interesting site from this i got lots of knowledge but still i want gain knowledge.

    #35 mandeep on 07.22.09 at 5:45 pm

    plz tell me vijay or any body u r on this site.my q is still present in comment

    #36 Rony Barua on 09.13.09 at 9:53 am

    It should maintain every tester. and It is a very helpful article

    #37 MH on 09.22.09 at 1:50 pm

    Very very useful article. Thanks.

    #38 maha on 11.12.09 at 9:46 am

    how to create a web site plz tell me

    #39 maha on 11.12.09 at 9:47 am

    how to create a web site

    #40 Mrudula on 11.28.09 at 3:14 am

    Nice Document.. Helped me a lot

    #41 Geek Blogger on 12.16.09 at 9:00 am

    Very helpful article .

    #42 Nirvan on 12.24.09 at 8:23 am

    This is the Best Article ever I have seen for the Testing Guide…!!!

    #43 securians on 01.27.10 at 6:21 am

    hire developers & software programmers

    Securenext software | Hire offshore web developers & programmers

    With offices in california, united states and in chennai, india our company consists of experienced programmers, website developers, graphic designers working in ruby on rails, php, .net, database management, providing agile business solution.

    Leave a Comment