Secure Coding in C and C++

ISBN-10: 0321335724

ISBN-13: 9780321335722

Edition: 2006

List price: $54.99
30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy

Description:

A code companion developers will turn to again and again as they seek to protect their systems from attackers.
what's this?
Rush Rewards U
Members Receive:
coins
coins
You have reached 400 XP and carrot coins. That is the daily max!
Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
Periodic Table Online content $4.95 $1.99
Add to cart
Study Briefs
SQL Online content $4.95 $1.99
Add to cart
Study Briefs
MS Excel® 2010 Online content $4.95 $1.99
Add to cart
Study Briefs
MS Word® 2010 Online content $4.95 $1.99
Customers also bought
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading

Book details

List price: $54.99
Copyright year: 2006
Publisher: Addison Wesley Professional
Publication date: 9/9/2005
Binding: Paperback
Pages: 368
Size: 6.75" wide x 9.00" long x 0.75" tall
Weight: 0.792

Fred Longis Senior Lecturer and Director of Learning and Teaching at Aberystwyth Universityrsquo;s Department of Computer Science, and SEI Visiting Scientist.Dhruv Mohindra, Senior Software Engineer at Persistent Systems Ltd., develops enterprise server monitoring software.Robert C. Seacordmanages CERTrsquo;s Secure Coding Initiative, and is adjunct professor at CMUrsquo;s School of Computer Science.Dean F. Sutherland, Senior Software Security Researcher at CERT, spent 14 years as a software engineer at Tartan, Inc.David Svoboda, CERT Software Security Engineer, has been primary developer on multiple CMU development projects since 1991.

Foreword
Preface
About the Author
Running with Scissors
Gauging the Threat
Security Concepts
C and C++
Development Platforms
Summary
Further Reading
Strings
String Characteristics
Common String Manipulation Errors
String Vulnerabilities
Process Memory Organization
Stack Smashing
Code Injection
Arc Injection
Mitigation Strategies
Notable Vulnerabilities
Summary
Further Reading
Pointer Subterfuge
Data Locations
Function Pointers
Data Pointers
Modifying the Instruction Pointer
Global Offset Table
The .dtors Section
Virtual Pointers
The atexit() and on_exit() Functions
The longjmp() Function
Exception Handling
Mitigation Strategies
Summary
Further Reading
Dynamic Memory Management
Dynamic Memory Management
Common Dynamic Memory Management Errors
Doug Lea's Memory Allocator
RtlHeap
Mitigation Strategies
Notable Vulnerabilities
Summary
Further Reading
Integer Security
Integers
Integer Conversions
Integer Error Conditions
Integer Operations
Vulnerabilities
Nonexceptional Integer Logic Errors
Mitigation Strategies
Notable Vulnerabilities
Summary
Further Reading
Formatted Output
Variadic Functions
Formatted Output Functions
Exploiting Formatted Output Functions
Stack Randomization
Mitigation Strategies
Notable Vulnerabilities
Summary
Further Reading
File I/O
Concurrency
Time of Check, Time of Use
Files as Locks and File Locking
File System Exploits
Mitigation Strategies
Summary
Recommended Practices
Secure Software Development Principles
Systems Quality Requirements Engineering
Threat Modeling
Use/Misuse Cases
Architecture and Design
Off-the-Shelf Software
Compiler Checks
Input Validation
Data Sanitization
Static Analysis
Quality Assurance
Memory Permissions
Defense in Depth
TSP-Secure
Summary
Further Reading References
Acronyms
Index
×
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.

×