Learn how to identify and code around weaknesses in the C programming language to write more secure programs.
Overview
Syllabus
Introduction
- Write better secure C code
- Using the exercise files
- Compiling the code
- Understanding the weaknesses of C
- What the bad guys look for
- Hunting exploits
- Documenting everything
- Formatting preprocessor directives
- Using an assignment as a condition
- Avoiding putchar() in a while loop
- Using the system() call
- Accessing elements beyond the array size
- Converting integers
- Looping with floating point values
- Using return values
- Confirming when EOF has been read
- Challenge: Fix the code
- Solution: Fix the code
- Authenticating numeric input
- Converting strings to numbers
- Using int values instead of char
- Reading input with fgets()
- Filtering string input
- Challenge: Confirming input
- Solution: Confirming input
- Allocating strings
- Avoiding bad string assignment
- Working with string literals
- Minding string functions
- Storing passwords and codes
- Clearing data after use
- Challenge: The secret code
- Solution: The secret code
- Initializing pointers and buffers
- Checking for NULL pointers
- Performing pointer math
- Freeing pointers
- Challenge: Enter the combination
- Solution: Enter the combination
- Next steps
Taught by
Dan Gookin
