www.blackhat.kz

Part 1: Error Checking |
Part 2: Integer Issues |
Part 3: Buffers and Strings

Use of the C programming language is often blamed for insecure code. This is not entirely a valid accusation; projects like OpenBSD show that it is possible to write secure code in C. The problem with C, in this respect, is the same as the problem with assembly-language programming: The language exposes all of the features of the architecture to you, but little else. It provides all the features you need to write tools for secure coding, but doesn’t provide these tools itself.

This series will look at some of the common causes of errors in C code and how to avoid them.

Источник