Login | Register   
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Book Excerpt: The 19 Deadly Sins of Software Security

Each chapter in this book tells you one of the most common programming flaws that leads to a security exploit and how to solve it. Chapter 2 focuses on format string problems.


advertisement
his essential book for all software developers—regardless of platform, language, or type of application—outlines the "19 deadly sins" of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book. Coverage includes:
  • Windows, UNIX, Linux, and Mac OS X
  • C, C++, C#, Java, PHP, Perl, and Visual Basic
  • Web, small client, and smart-client applications

Format string problems may be one of the newest types of attacks to emerge but they are insidious and rank No. 2 on the "deadly sins." The most strongly affected language is C/C++. A successful attack can lead immediately to the execution of arbitrary code, and to information disclosure.

Download the PDF of Chapter 2, "Format String Problems."



Reproduced from "19 Deadly Sins of Software Security" by permission of McGraw-Hill/Osborne. 0072260858, copyright 2005. All rights reserved.



   
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap