Secure Coding in C

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 19m | 212 MB

C lacks some of the safety valves offered by newer programming languages. But while this midlevel language has its weaknesses, writing safe C code is still possible—it just requires extra vigilance on the part of the developer. In this course, instructor Dan Gookin explains how to identify and code around weaknesses in the C programming language to write more secure programs. Many exploits are known regarding C code; this course reviews each one, explaining the vulnerabilities and how to deal with them. Major areas covered include undefined behavior, avoiding awkward constructions, validating input, managing strings, and working with pointers.

Topics include:

  • The weaknesses of the C language
  • Using an assignment as a condition
  • Avoiding putchar() in a while loop
  • Confirming when EOF has been read
  • Authenticating numeric input
  • Filtering string input
  • Avoiding bad string assignment
  • Storing passwords and codes
  • Clearing data after use
  • Issues with pointers

Table of Contents

Introduction
1 Write better secure C code
2 Using the exercise files
3 Compiling the code

On the Defensive
4 Understanding the weaknesses of C
5 What the bad guys look for
6 Hunting exploits
7 Documenting everything

Undefined Behaviors
8 Formatting preprocessor directives
9 Using an assignment as a condition
10 Avoiding putchar() in a while loop
11 Using the system() call
12 Accessing elements beyond the array size
13 Converting integers
14 Looping with floating point values
15 Using return values
16 Confirming when EOF has been read
17 Challenge: Fix the code
18 Solution: Fix the code

Input Validation
19 Authenticating numeric input
20 Converting strings to numbers
21 Using int values instead of char
22 Reading input with fgets()
23 Filtering string input
24 Challenge: Confirming input
25 Solution: Confirming input

String Management
26 Allocating strings
27 Avoiding bad string assignment
28 Working with string literals
29 Minding string functions
30 Storing passwords and codes
31 Clearing data after use
32 Challenge: The secret code
33 Solution: The secret code

Issues with Pointers
34 Initializing pointers and buffers
35 Checking for NULL pointers
36 Performing pointer math
37 Freeing pointers
38 Challenge: Enter the combination
39 Solution: Enter the combination

Conclusion
40 Next steps