Secure Coding in C and C++ (Paperback)
Robert C. Seacord
- 出版商: Addison Wesley
- 出版日期: 2005-09-19
- 售價: $2,180
- 貴賓價: 9.5 折 $2,071
- 語言: 英文
- 頁數: 368
- 裝訂: Paperback
- ISBN: 0321335724
- ISBN-13: 9780321335722
-
相關分類:
C 程式語言、C++ 程式語言
-
其他版本:
Secure Coding in C and C++, 2/e (Paperback)
買這商品的人也買了...
-
$650$553 -
$590$466 -
$780$616 -
$490$382 -
$902Computer Science Illuminated, 2/e
-
$890$703 -
$650$507 -
$880$748 -
$680$646 -
$490$382 -
$880$695 -
$750$585 -
$490$417 -
$580$493 -
$390$332 -
$180$142 -
$890$757 -
$780$741 -
$450$405 -
$780$702 -
$680$578 -
$650$507 -
$550$468 -
$750$593 -
$720$569
相關主題
商品描述
Table of Contents:
Foreword.
Preface.
About the Author.
1. Running with Scissors.
Gauging the Threat
Security Concepts
C and C++
Development Platforms
Summary
Further Reading
2. Strings.
String Characteristics
Common String Manipulation Errors
String Vulnerabilities
Process Memory Organization
Stack Smashing
Code Injection
Arc Injection
Mitigation Strategies
Notable Vulnerabilities
Summary
Further Reading
3. Pointer Subterfuge.
Data Locations
Function Pointers
Data Pointers
Modifying the Instruction Pointer
Global Offset Table
The .dtors Section
Virtual Pointers
The atexit() and on_exit() Functions
The longjmp() Function
Exception Handling
Mitigation Strategies
Summary
Further Reading
4. Dynamic Memory Management.
Dynamic Memory Management
Common Dynamic Memory Management Errors
Doug Lea's Memory Allocator
RtlHeap
Mitigation Strategies
Notable Vulnerabilities
Summary
Further Reading
5. Integer Security.
Integers
Integer Conversions
Integer Error Conditions
Integer Operations
Vulnerabilities
Nonexceptional Integer Logic Errors
Mitigation Strategies
Notable Vulnerabilities
Summary
Further Reading
6. Formatted Output.
Variadic Functions
Formatted Output Functions
Exploiting Formatted Output Functions
Stack Randomization
Mitigation Strategies
Notable Vulnerabilities
Summary
Further Reading
7. File I/O.
Concurrency
Time of Check, Time of Use
Files as Locks and File Locking
File System Exploits
Mitigation Strategies
Summary
8. Recommended Practices.
Secure Software Development Principles
Systems Quality Requirements Engineering
Threat Modeling
Use/Misuse Cases
Architecture and Design
Off-the-Shelf Software
Compiler Checks
Input Validation
Data Sanitization
Static Analysis
Quality Assurance
Memory Permissions
Defense in Depth
TSP-Secure
Summary
Further Reading
References.
Acronyms.
Index.