dcsimg
Login | Register   
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX

By submitting your information, you agree that devx.com may send you DevX offers via email, phone and text message, as well as email offers about other products and services that DevX believes may be of interest to you. DevX will process your information in accordance with the Quinstreet Privacy Policy.


advertisement
 

Book Excerpt: The 19 Deadly Sins of Software Security

Each chapter in this book tells you one of the most common programming flaws that leads to a security exploit and how to solve it. Chapter 2 focuses on format string problems.


advertisement

WEBINAR:

On-Demand

Application Security Testing: An Integral Part of DevOps


his essential book for all software developers—regardless of platform, language, or type of application—outlines the "19 deadly sins" of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book. Coverage includes:
  • Windows, UNIX, Linux, and Mac OS X
  • C, C++, C#, Java, PHP, Perl, and Visual Basic
  • Web, small client, and smart-client applications

Format string problems may be one of the newest types of attacks to emerge but they are insidious and rank No. 2 on the "deadly sins." The most strongly affected language is C/C++. A successful attack can lead immediately to the execution of arbitrary code, and to information disclosure.

Download the PDF of Chapter 2, "Format String Problems."



Reproduced from "19 Deadly Sins of Software Security" by permission of McGraw-Hill/Osborne. 0072260858, copyright 2005. All rights reserved.



   
Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
×
We have made updates to our Privacy Policy to reflect the implementation of the General Data Protection Regulation.
Thanks for your registration, follow us on our social networks to keep up-to-date