Secure Coding in C and C++
|Publisher:||Pearson Addison-Wesley Professional|
|Author:||Robert C. Seacord|
|Published:||Apr 02 2013|
|Posted:||Aug 07 2016|
|Book size:||21.48 MB|
Learn the Root Causes of Software Vulnerabilities and How to Avoid Them Commonly exploited software vulnerabilities are usually caused by avoidable software defects. Having analyzed tens of thousands of vulnerability reports since 1988, CERT has determined that a relatively small number of root causes account for most of the vulnerabilities. Secure Coding in C and C, Second Edition, identifies and explains these root causes and shows the steps that can be taken to prevent exploitation. Moreover, this book encourages programmers to adopt security best practices and to develop a security mindset that can help protect software from tomorrow';s attacks, not just today';s. Drawing on the CERT';s reports and conclusions, Robert C. Seacord systematically identifies the program errors most likely to lead to security breaches, shows how they can be exploited, reviews the potential consequences, and presents secure alternatives. Coverage includes technical detail on how to Improve the overall security of any C or C applicationThwart buffer overflows, stack-smashing, and return-oriented programming attacks that exploit insecure string manipulation logicAvoid vulnerabilities and security flaws resulting from the incorrect use of dynamic memory management functionsEliminate integer-related problems resulting from signed integer overflows, unsigned integer wrapping, and truncation errorsPerform secure I/O, avoiding file system vulnerabilitiesCorrectly use formatted output functions without introducing format-string vulnerabilitiesAvoid race conditions and other exploitable vulnerabilities while developing concurrent code The second edition features Updates for C11 and C11 Significant revisions to chapters on strings, dynamic memory management, and integer securityA new chapter on concurrencyAccess to the online secure coding course offered through Carnegie Mellon';s Open Learning Initiative (OLI) Secure Coding in C and C, Second Edition, presents hundreds of examples of secure code, insecure code, and exploits, implemented for Windows and Linux. If you';re responsible for creating secure C or C softwareor for keeping it safeno other book offers you this much detailed, expert assistance.
With Examples in C# and .NET
Applying Domain-Driven Design and Patterns is the first complete, practical guide to leveraging patterns, domain-driven design, and test-driven development in .NET environments. Drawing on seminal work by Martin Fowler and Eric Evans, Jimmy Nilsson shows how to customize real-world architectures for any .NET application. You'll learn how to prepare domain models for application infrastructure; support business rules; provide persistence support; plan for the presentation layer and UI testing; and design for service orientation or aspect orientation. Nilsson illuminates each principle with clear, well-annotated code examples based on C# 2.0, .NET 2.0, and SQL Server 2005. His examples will be valuable both to C# developers and those working with other...
Cryptography in C and C++ mainly focuses on the practical aspects involved in implementing public key cryptography methods, such as the RSA algorithm that was released from patent protection. It also gives both a technical overview and an implementation of the Rijndael algorithm that was selected as the Advanced Encryption Standard by the U.S. government. Author Michael Welschenbach avoids complexities by explaining cryptography and its mathematical basis in terms a programmer can easily understand. This book offers a comprehensive yet relentlessly practical overview of the fundamentals of modern cryptography. It contains a wide-ranging library of code in C and C++, including the RSA algorithm, completed by an extensive Test Suite that proves that th...
In C and C++
Embedded software is in almost every electronic device designed today. There is software hidden away inside our watches, microwaves, VCRs, cellular telephones, and pagers; the military uses embedded software to guide smart missiles and detect enemy aircraft; communications satellites, space probes, and modern medicine would be nearly impossible without it. Of course, someone has to write all that software, and there are thousands of computer scientists, electrical engineers, and other professionals who actually do. Each embedded system is unique and highly customized to the application at hand. As a result, embedded systems programming is a widely varying field that can take years to master. However, if you have some programming experience and are fa...
2007 - 2018 © eBooks-IT.org