Chapter 2. Strings

with Dan Plakosh, Jason Rafail, and Martin Sebor¹

1. Daniel Plakosh is a senior member of the technical staff in the CERT Program of Carnegie Mellon’s Software Engineering Institute (SEI). Jason Rafail is a Senior Cyber Security Consultant at Impact Consulting Solutions. Martin Sebor is a Technical Leader at Cisco Systems.

But evil things, in robes of sorrow, Assailed the monarch’s high estate.

—Edgar Allan Poe, “The Fall of the House of Usher”

2.1. Character Strings

Strings from sources such as command-line arguments, environment variables, console input, text files, and network connections are of special concern in secure programming because they provide means for external input to influence the behavior and output of a ...

