The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities

Chapter 13. Synchronization and State

“The future influences the present just as much as the past.”

Friedrich Nietzsche

Introduction

Up to this point, most of the vulnerabilities you’ve seen occur in a lone synchronous code path; that is, each vulnerability can be traced from a single entry point to an endpoint. However, most modern software responds asynchronously to external triggers such as UNIX signals, Windows events, or thrown exceptions. Asynchronous execution is even more common with the growing popularity of multithreaded programming, in which different threads of execution share the same address space. These multithreading and multiprocessing applications introduce unique security vulnerabilities that occur when an attacker can manipulate ...

Get The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities by

Chapter 13. Synchronization and State

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly