“At Cisco, we have adopted the CERT C Coding Standard as the internal secure coding standard for all C developers. It is a core component of our secure development lifecycle. The coding standard described in this book breaks down complex software security topics into easy-to-follow rules with excellent real-world examples. It is an essential reference for any developer who wishes to write secure and resilient software in C and C++.”
—Edward D. Paradise, vice president, engineering, threat response, intelligence, and development, Cisco Systems

Secure programming in C can be more difficult than even many experienced programmers realize. To help programmers write more secure code, The CERT® C Coding Standard, Second Edition, fully documents the second official release of the CERT standard for secure coding in C. The rules laid forth in this new edition will help ensure that programmers’ code fully complies with the new C11 standard; it also addresses earlier versions, including C99.

The new standard itemizes those coding errors that are the root causes of current software vulnerabilities in C, prioritizing them by severity, likelihood of exploitation, and remediation costs. Each of the text’s 98 guidelines includes examples of insecure code as well as secure, C11-conforming, alternative implementations. If uniformly applied, these guidelines will eliminate critical coding errors that lead to buffer overflows, format-string vulnerabilities, integer overflow, and other common vulnerabilities.

This book reflects numerous experts’ contributions to the open development and review of the rules and recommendations that comprise this standard.

Coverage includes: Preprocessor; Declarations and Initialization; Expressions; Integers; Floating Point; Arrays; Characters and Strings; Memory Management; Input/Output; Environment; Signals; Error Handling; Concurrency; Miscellaneous Issues

Product details
ISBN: 9780133805291
Published: 2014
Edition: 2nd edition
Publisher: Addison-Wesley Professional PTG
Language: English
Format: Digital book
Author