Secure Programming with C++

Secure Programming with C++

by Howard Poston
Released July 2020
Publisher(s): EC-Council
ISBN: None

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

The C++ programming language is widely used, but C++ programs are often insecure. A number of different vulnerabilities can exist in C++ code and make it vulnerable to exploitation. If you want to write secure C++ code, you need to identify and understand the numerous potential errors that can be made in C++ programs. This includes everything from identification of a potential vulnerability to understanding how it could be exploited to knowing how to correct your vulnerable code. This course walks you through this entire process by providing examples of vulnerable code, exploiting this code, and then demonstrating corrected code that is immune to exploitation.

Table of contents

  1. Chapter 1: Introduction to C++ Programming
    1. Course Overview
    2. The Object-Oriented Paradigm
    3. Getting Familiar with C++ Libraries and Frameworks
    4. Developing Your First C++ Application
  2. Chapter 2: Battling Integer Vulnerabilities in C++
    1. Variable Types and Typecasting in C++
    2. Integer Overflow Vulnerabilities
    3. Integer Underflow Vulnerabilities
    4. Secure File Management through Files, Classes, and Streams
    5. Introduction to Format String Specifiers
    6. Controlled Execution with Formatted Outputs
  3. Chapter 3: Memory Management in C++
    1. Inside the Stack
    2. Stack-based Buffer Overflow Vulnerabilities
    3. Introduction to the Heap
    4. Non-stack Buffer Overflow
    5. Dynamic Memory Management
  4. Chapter 4: Pointer Subterfuge and Object Misuse in C++
    1. A Few Key Points about Pointers
    2. Null Pointer Dereference
    3. Misusing Freed Memory
    4. Deep vs. Shallow Object Copies
  5. Chapter 5: Code Injection Attacks and Run-time Countermeasures
    1. The Dangers of Untrusted Input
    2. Database Injection with SQL
    3. Running Malicious Code with Command Injection
    4. Breaking LDAP with Injection
    5. XML Hijinks with XPath Injection
    6. Manipulating the Filesystem with Resource Injection
  6. Chapter 6: Eliminate Common Issues with Multithreaded Programming: Concurrency and Parallelism
    1. The Many Benefits of Parallel Processing
    2. Race Conditions Make Code Unpredictable
    3. Locking Down Parallel Processing
    4. Securely Using Temporary Files
  7. Chapter 7: Exceptions and Error Handling in C++
    1. Introduction to Error and Exception Handling
    2. Many Different Types of Exceptions
    3. Handling All of the Errors
    4. Plugging Information Leaks in Error Messages
  8. Chapter 8: Industry Resources and Best Practices for C++ Development
    1. Introduction to the OWASP Top Ten
    2. Tracking Errors and Vulnerabilities
    3. Exploring C++ Best Practices

Product information

  • Title: Secure Programming with C++
  • Author(s): Howard Poston
  • Release date: July 2020
  • Publisher(s): EC-Council
  • ISBN: None