Code Review Checklist
The Code Review Checklist is another tool for the development team to use to ensure the completeness of their code reviews.
This reminds developers to handle buffer overruns, mask or remove any internal resource references, and verify that server-side validity checks coincide with client-side ones. Often-overlooked security items such as session information, transaction controls, developer back-doors, and hard-coded passwords are questioned.
This area is looked at to help ensure safe and user-friendly end-user experiences by questioning function caller notifications, assertions, and exception handling. It’s also important not to give too much information in errors, so that is examined as well.
Since this is always a concern, our checklist identifies some key areas that need to be reviewed, such as recursive functions, duplicated objects, system call blocks, and busy waits.
Resource leaks can also contribute to performance issues, so the checklist includes questions regarding the freeing of allocated memory and objects, and tracking reference counts.
This section helps identify the safety of global variables and any deadlock risks.