C and C++ secure coding (ARM)

  • CL-CPA
  • 3 days
  • C/C++

Description

To put it bluntly, writing C/C++ code can be a minefield for reasons ranging from memory management or dealing with legacy code to sharp deadlines and code maintainability. Yet, beyond all that, what if we told you that attackers were trying to break into your code right now? How likely would they be to succeed?

This course will change the way you look at your C/C++ code. We'll teach you the common weaknesses and their consequences that can allow hackers to attack your system, and – more importantly – best practices you can apply to protect yourself. We give you a holistic view on C/C++ programming mistakes and their countermeasures from the machine code level to virtual functions and OS memory management. We present the entire course through live practical exercises to keep it engaging and fun.

Writing secure code will give you a distinct edge over your competitors. It is your choice to be ahead of the pack – take a step and be a game-changer in the fight against cybercrime.

Participants attending this course will

  • Understand basic concepts of security, IT security and secure coding
  • Realize the severe consequences of unsecure buffer handling
  • Understand the architectural protection techniques and their weaknesses
  • Have a practical understanding of cryptography
  • Learn about XML security
  • Learn about typical coding mistakes and how to avoid them
  • Be informed about recent vulnerabilities in various platforms, frameworks and libraries
  • Learn about denial of service attacks and protections
  • Get sources and further readings on secure coding practices

Outline

  • IT security and secure coding
  • ARM machine code, memory layout and stack operations
  • Buffer overflow
  • Practical cryptography
  • XML security
  • Common coding errors and vulnerabilities
  • Denial of service
  • Principles of security and secure coding
  • Knowledge sources

Course information

Preparedness

General C/C++ development

Exercises

Hands-on

Delivery methods

Onsite / Virtual classroom

Course reviews

Related courses

Bundle deal

Now Scademy offers a special course package. The AVATAO bundle deal is a value offer, for those who wish to practice what they have learned during the course. For an extra price, you will have access to a yearly AVATAO subscription. This online platform has over 500 secure coding challenges in various coding languages. Fore more information check AVATAO's website: avatao.com

Course registration

Date and time February 04-06, 2025 - CET
Language English
Delivery Online
Choose a bundle
Register now
Loading...
Registering...

Table of contents

  • Day 1
  • Day 2
  • Day 3
  • IT security and secure coding
    • Security Introduction
      • Nature of security
        • What is risk?
          • IT security vs. secure coding
          • IT security and secure coding - From vulnerabilities to botnets and cybercrime
            • Nature of security flaws
              • From an infected computer to targeted attacks
              • Classification of security flaws
                • Classification of security flaws
                  • Landwehr's taxonomy
                    • The Seven Pernicious Kingdoms 1/2
                      • The Seven Pernicious Kingdoms 2/2
                    • ARM machine code, memory layout and stack operations
                      • ARM Processors
                        • ARM Processors - main registers
                          • ARM Processors - most important instructions
                            • ARM Processors - flags and condition fields
                              • ARM Processors - flags and condition fields
                                • ARM Processors - control instructions
                                  • ARM Processors - stack handling instructions
                                    • Understanding complex ARM instructions
                                      • The function calling mechanism in ARM
                                        • The local variables and the stack frame
                                          • Function calls – prologue and epilogue of a function (ARM)
                                            • Stack frame of nested calls
                                              • Stack frame of recursive functions
                                            • Buffer overflow
                                              • Buffer overflow intro
                                                • Buffer overflow intro
                                                • Stack overflow
                                                  • Buffer overflow on the stack
                                                    • Overwriting the return address
                                                    • Exercise: Cloud VM Intro
                                                      • Introduction
                                                        • Lab Guide
                                                        • Exercise: Cloud VM Intro
                                                          • Introduction
                                                            • Tools - 1/2
                                                              • Tools - 2/2
                                                                • Introduction to gdb
                                                                  • Introduction to gdb 1/2
                                                                    • Introduction to gdb
                                                                      • Introduction to gdb
                                                                        • QEMU
                                                                          • Intro exercise
                                                                          • Exercise: BOFIntro
                                                                            • BOFIntro
                                                                              • BOFIntro
                                                                                • BOFIntro - determine the stack layout
                                                                                  • BOFIntro - a simple exploit
                                                                                  • BOFShellcode
                                                                                    • Exploiting stack overflow - injecting malicious code
                                                                                      • BOFShellcode
                                                                                      • Exercise: BOFShellcode
                                                                                        • BOFShellcode
                                                                                          • BOFShellcode
                                                                                            • BOFShellcode
                                                                                              • BOFShellcode
                                                                                                • BOFShellcode
                                                                                                • Buffer Overflow in Rust
                                                                                                  • Buffer Overflows in Rust
                                                                                                    • Compile time checks
                                                                                                      • Runtime checks
                                                                                                        • Buffer Overflow in Rust
                                                                                                        • Protection against stack overflow
                                                                                                          • Specific protection methods
                                                                                                            • Protection methods at different layers
                                                                                                              • The protection matrix of software security
                                                                                                                • Stack overflow - Prevention (during development)
                                                                                                                  • Stack overflow - Prevention (during development)
                                                                                                                    • Stack overflow - Prevention (during development)
                                                                                                                      • Stack overflow - Prevention (during development)
                                                                                                                        • std::string
                                                                                                                          • The protection matrix of software security
                                                                                                                            • Stack overflow - Detection (during execution)
                                                                                                                            • Fortify compiler option
                                                                                                                              • Fortify compiler option (FORTIFY_SOURCE)
                                                                                                                              • Exercise: BOFShellcode Using the Fortify compiler option
                                                                                                                                • BOFShellcode Using the Fortify compiler option
                                                                                                                                • Stack smashing protection
                                                                                                                                  • Stack smashing protection variants
                                                                                                                                    • Stack smashing protection variants
                                                                                                                                    • Exercise: BOFShellcode Stack smashing protection
                                                                                                                                      • BOFShellcode Stack smashing protection
                                                                                                                                        • Stack smashing protection
                                                                                                                                          • Effects of stack smashing protection - prologue
                                                                                                                                            • Effects of stack smashing protection - epilogue
                                                                                                                                              • Overwriting arguments - Mitigation
                                                                                                                                                • Bypassing stack smashing protection - an example
                                                                                                                                                  • The protection matrix of software security
                                                                                                                                                    • Stack overflow - Anti-exploit techniques
                                                                                                                                                      • Stack overflow - Anti-exploit techniques
                                                                                                                                                      • Address Space Layout Randomization (ASLR)
                                                                                                                                                        • Randomization with ASLR
                                                                                                                                                          • Address Space Layout Randomization (ASLR)
                                                                                                                                                            • Software ASLR
                                                                                                                                                              • Practical weaknesses and limitations to ASLR
                                                                                                                                                              • Exercise: BOFShellcode Address Space Layout Randomization
                                                                                                                                                                • Using ASLR - 1/2
                                                                                                                                                                  • Using ASLR - 2/2
                                                                                                                                                                    • Circumventing ASLR: NOP sledding
                                                                                                                                                                    • Non executable memory areas - The NX bit
                                                                                                                                                                      • Access control on memory segments
                                                                                                                                                                        • The Never eXecute (NX) bit
                                                                                                                                                                        • Exercise: BOFShellcode Enforcing NX memory segments
                                                                                                                                                                          • Enforcing non-executable memory segments
                                                                                                                                                                            • Enforcing non-executable memory segments
                                                                                                                                                                            • Exercise: BOFShellcode Turning on all compiler protections
                                                                                                                                                                              • BOFShellcode - Turning on all compiler protections
                                                                                                                                                                              • Summary of Buffer Overflow protections
                                                                                                                                                                                • Summary of compiler options
                                                                                                                                                                                  • Summary of compiler options
                                                                                                                                                                                    • The protection matrix of software security
                                                                                                                                                                                    • Rust compiler flags
                                                                                                                                                                                      • Compiler flags
                                                                                                                                                                                      • Unsafe
                                                                                                                                                                                        • Unsafe
                                                                                                                                                                                          • Unsafe
                                                                                                                                                                                        • Buffer overflow
                                                                                                                                                                                          • Return-to-libc attack – Circumventing the NX bit protection
                                                                                                                                                                                            • Circumventing memory execution protection
                                                                                                                                                                                              • Return-to-libc attack
                                                                                                                                                                                              • Return oriented programming (ROP)
                                                                                                                                                                                                • Return-to-libc attack in ARM
                                                                                                                                                                                                  • Return-to-libc attack in ARM
                                                                                                                                                                                                    • Return-to-libc attack in ARM
                                                                                                                                                                                                      • Return-to-libc attack in ARM
                                                                                                                                                                                                        • Return-to-libc attack in ARM
                                                                                                                                                                                                          • Return-to-libc attack in ARM
                                                                                                                                                                                                            • Return-to-libc attack in ARM
                                                                                                                                                                                                              • Return-to-libc attack in ARM
                                                                                                                                                                                                                • Return-to-libc attack in ARM
                                                                                                                                                                                                                  • ROP gadget - Register fill with constants
                                                                                                                                                                                                                    • ROP gadget – Memory write
                                                                                                                                                                                                                      • Combining the ROP gadgets
                                                                                                                                                                                                                        • Real ROP attack scenarios
                                                                                                                                                                                                                        • Return oriented programming (ROP) - ROP mitigation
                                                                                                                                                                                                                          • Mitigation techniques of ROP attack
                                                                                                                                                                                                                            • Mitigation techniques of ROP attack
                                                                                                                                                                                                                            • Heap Overflow
                                                                                                                                                                                                                              • Heap Overflow
                                                                                                                                                                                                                                • Memory allocation managed by a doubly-linked list
                                                                                                                                                                                                                                  • Buffer overflow on the heap
                                                                                                                                                                                                                                    • Steps of freeing and joining memory blocks
                                                                                                                                                                                                                                      • Freeing allocated memory blocks
                                                                                                                                                                                                                                        • Case study - Heartbleed
                                                                                                                                                                                                                                          • TLS heartbeat Extension
                                                                                                                                                                                                                                            • Heartbleed - information leakage in OpenSSL
                                                                                                                                                                                                                                              • Heartbleed – fix in v1.0.1g
                                                                                                                                                                                                                                                • Protection against heap overflow
                                                                                                                                                                                                                                              • C++ examples
                                                                                                                                                                                                                                                • Undefined and unspecified behavior
                                                                                                                                                                                                                                                  • Undefined behavior
                                                                                                                                                                                                                                                    • Unspecified behavior
                                                                                                                                                                                                                                                      • Unspecified behavior
                                                                                                                                                                                                                                                        • Undefined Behavior
                                                                                                                                                                                                                                                        • Smart Pointers
                                                                                                                                                                                                                                                          • RAII
                                                                                                                                                                                                                                                            • Smart Pointers
                                                                                                                                                                                                                                                              • Let's write our own RAII wrapper
                                                                                                                                                                                                                                                                • Let's write our own RAII wrapper
                                                                                                                                                                                                                                                                  • RAII wrapper
                                                                                                                                                                                                                                                                    • Smart pointers – exclusive ownership
                                                                                                                                                                                                                                                                      • Smart pointers
                                                                                                                                                                                                                                                                        • std::make_unique(...)
                                                                                                                                                                                                                                                                          • Smart Pointers
                                                                                                                                                                                                                                                                            • Shared ownership
                                                                                                                                                                                                                                                                              • std::shared_ptr's control block
                                                                                                                                                                                                                                                                              • Exercise: Smart Pointers
                                                                                                                                                                                                                                                                                std::shared_ptr internals
                                                                                                                                                                                                                                                                                • std::shared_ptr internals
                                                                                                                                                                                                                                                                                  • std::shared_ptr internals
                                                                                                                                                                                                                                                                                    • std::shared_ptr internals
                                                                                                                                                                                                                                                                                      • std::shared_ptr internals
                                                                                                                                                                                                                                                                                        • std::shared_ptr
                                                                                                                                                                                                                                                                                          • std::shared_ptr
                                                                                                                                                                                                                                                                                            • Borrow checker to avoid pointer “hell”
                                                                                                                                                                                                                                                                                              • RAII in Rust
                                                                                                                                                                                                                                                                                                • RAII example explained
                                                                                                                                                                                                                                                                                                • Smart Pointer - What is worse than leaking the memory?
                                                                                                                                                                                                                                                                                                  • Leaking memory
                                                                                                                                                                                                                                                                                                    • Fixed
                                                                                                                                                                                                                                                                                                      • Leaking memory
                                                                                                                                                                                                                                                                                                        • Fixed
                                                                                                                                                                                                                                                                                                          • Leaking memory
                                                                                                                                                                                                                                                                                                            • Fixed
                                                                                                                                                                                                                                                                                                              • Related smart pointers
                                                                                                                                                                                                                                                                                                                • Summary
                                                                                                                                                                                                                                                                                                                • Object lifetime management
                                                                                                                                                                                                                                                                                                                  • Manually managing object lifetime
                                                                                                                                                                                                                                                                                                                    • Object lifetime management
                                                                                                                                                                                                                                                                                                                      • Object lifetime management
                                                                                                                                                                                                                                                                                                                      • Exercise: Object lifetime managament
                                                                                                                                                                                                                                                                                                                        Manual Lifetime management
                                                                                                                                                                                                                                                                                                                        • Manual Lifetime management
                                                                                                                                                                                                                                                                                                                          • Manual Lifetime management
                                                                                                                                                                                                                                                                                                                            • Summary
                                                                                                                                                                                                                                                                                                                            • Container Iteration
                                                                                                                                                                                                                                                                                                                              • Vector basics
                                                                                                                                                                                                                                                                                                                                • Container Iteration
                                                                                                                                                                                                                                                                                                                                • Exercise: Container Iteration
                                                                                                                                                                                                                                                                                                                                  • Container Iteration
                                                                                                                                                                                                                                                                                                                                    • Container Iteration
                                                                                                                                                                                                                                                                                                                                      • Summary
                                                                                                                                                                                                                                                                                                                                      • Random Number Generators - How can you generate random numbers?
                                                                                                                                                                                                                                                                                                                                        • Generating random numbers
                                                                                                                                                                                                                                                                                                                                        • Random Number Generators - What happens if the random number is weak or not strong enough?
                                                                                                                                                                                                                                                                                                                                          • PlayStation 3
                                                                                                                                                                                                                                                                                                                                            • Java nonce collision
                                                                                                                                                                                                                                                                                                                                              • Microsoft Windows 2000/XP random number generator
                                                                                                                                                                                                                                                                                                                                              • Random Number Generators - Pseudorandom Number Generators (PRNG)
                                                                                                                                                                                                                                                                                                                                                • PRNGs in a nutshell
                                                                                                                                                                                                                                                                                                                                                  • Random number engines
                                                                                                                                                                                                                                                                                                                                                    • PRNGs 1
                                                                                                                                                                                                                                                                                                                                                      • PRNGs 2
                                                                                                                                                                                                                                                                                                                                                      • Exercise: Random Number Generators - Lottery Application
                                                                                                                                                                                                                                                                                                                                                        • Lottery Application 1
                                                                                                                                                                                                                                                                                                                                                          • Lottery Application 2
                                                                                                                                                                                                                                                                                                                                                            • Summary
                                                                                                                                                                                                                                                                                                                                                            • XML security
                                                                                                                                                                                                                                                                                                                                                              • XML injection
                                                                                                                                                                                                                                                                                                                                                                • Injection principles
                                                                                                                                                                                                                                                                                                                                                                  • XML injection
                                                                                                                                                                                                                                                                                                                                                                    • XML injection
                                                                                                                                                                                                                                                                                                                                                                      • XML injection
                                                                                                                                                                                                                                                                                                                                                                      • Exercise: XML injection
                                                                                                                                                                                                                                                                                                                                                                        • XML injection
                                                                                                                                                                                                                                                                                                                                                                          • XML injection
                                                                                                                                                                                                                                                                                                                                                                            • Protection through sanitization and XML validation
                                                                                                                                                                                                                                                                                                                                                                              • XML parsing in C++
                                                                                                                                                                                                                                                                                                                                                                              • XML injection - Abusing XML Entity
                                                                                                                                                                                                                                                                                                                                                                                • XML Entity Introduction
                                                                                                                                                                                                                                                                                                                                                                                  • XML bomb
                                                                                                                                                                                                                                                                                                                                                                                    • XML bomb
                                                                                                                                                                                                                                                                                                                                                                                      • XML bomb
                                                                                                                                                                                                                                                                                                                                                                                        • XML external entity attack (XXE) - resource inclusion
                                                                                                                                                                                                                                                                                                                                                                                        • Exercise: XXE attack
                                                                                                                                                                                                                                                                                                                                                                                          • XXE attack
                                                                                                                                                                                                                                                                                                                                                                                            • Preventing entity-related attacks
                                                                                                                                                                                                                                                                                                                                                                                            • Case study - XXE in Google Toolbar
                                                                                                                                                                                                                                                                                                                                                                                              • Case study - XXE in Google Toolbar
                                                                                                                                                                                                                                                                                                                                                                                                • Case study - XXE in Google Toolbar
                                                                                                                                                                                                                                                                                                                                                                                              • Common coding errors and vulnerabilities
                                                                                                                                                                                                                                                                                                                                                                                                • Improper error and exception handling
                                                                                                                                                                                                                                                                                                                                                                                                  • Typical problems with error and exception handling
                                                                                                                                                                                                                                                                                                                                                                                                    • Empty catch block
                                                                                                                                                                                                                                                                                                                                                                                                      • Overly broad catch
                                                                                                                                                                                                                                                                                                                                                                                                        • ErrorHandling
                                                                                                                                                                                                                                                                                                                                                                                                        • Exercise: Error handling
                                                                                                                                                                                                                                                                                                                                                                                                          • ErrorHandling
                                                                                                                                                                                                                                                                                                                                                                                                            • ErrorHandling - Correct implementation
                                                                                                                                                                                                                                                                                                                                                                                                            • Code quality problems
                                                                                                                                                                                                                                                                                                                                                                                                              • Dangers arising from poor code quaility
                                                                                                                                                                                                                                                                                                                                                                                                                • Poor code quality
                                                                                                                                                                                                                                                                                                                                                                                                                  • Unreleased resources
                                                                                                                                                                                                                                                                                                                                                                                                                    • Type mismatch
                                                                                                                                                                                                                                                                                                                                                                                                                    • Exercise: TypeMismatch
                                                                                                                                                                                                                                                                                                                                                                                                                      • TypeMismatch
                                                                                                                                                                                                                                                                                                                                                                                                                      • Code quality problems - Memory allocation problems
                                                                                                                                                                                                                                                                                                                                                                                                                        • Smart pointers
                                                                                                                                                                                                                                                                                                                                                                                                                          • Zero length allocation
                                                                                                                                                                                                                                                                                                                                                                                                                            • Double free
                                                                                                                                                                                                                                                                                                                                                                                                                              • Mixing delete and delete[]
                                                                                                                                                                                                                                                                                                                                                                                                                              • Code quality problems - Use after free
                                                                                                                                                                                                                                                                                                                                                                                                                                • Use after free
                                                                                                                                                                                                                                                                                                                                                                                                                                  • Use after free - Instance of a class
                                                                                                                                                                                                                                                                                                                                                                                                                                    • Instance of a class
                                                                                                                                                                                                                                                                                                                                                                                                                                      • Use after free - Dangling pointers
                                                                                                                                                                                                                                                                                                                                                                                                                                      • Case study - WannaCry
                                                                                                                                                                                                                                                                                                                                                                                                                                        • The WannaCry ransomware
                                                                                                                                                                                                                                                                                                                                                                                                                                          • The WannaCry ransomware
                                                                                                                                                                                                                                                                                                                                                                                                                                            • The vulnerability behind WannaCry
                                                                                                                                                                                                                                                                                                                                                                                                                                              • From type mismatch to an exploitable heap overflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                • Lessons learned
                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Strict ownership rules at compile time
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Strict ownership rules at compile time
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • NULL pointer dereference
                                                                                                                                                                                                                                                                                                                                                                                                                                                        • NULL pointer dereference
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Denial of service
                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Introduction
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • DoS introduction
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Asymmetric DoS
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Regular expression DoS (ReDoS)
                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Regular expression DoS (ReDoS)
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • ReDoS
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • ReDos in Stack Exchange
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • ReDos in Stack Exchange
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • ReDos in Stack Exchange
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Hashtable collision attack
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Using hashtables to store data
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Hashtable insert
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Hashtable insert
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Hashtable insert
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Hashtable collision
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Hashtable collision consequences
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Hashtable collision fixes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Common coding errors and vulnerabilities
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Input validation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Input validation concepts
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Input validation - Integer problems
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Representation of negative integers
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Integer ranges
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Integer overflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Integer problems in C/C++
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • The integer promotion rule in C/C++
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Arithmetic overflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Arithmetic overflow - guess the output!
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • IntOverflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • IntOverflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • What is the value of abs(INT_MIN)?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Signedness bug
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Integer truncation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Input validation - Integer problem - best practices
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Integer problem - best practices
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • GCC trapv
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • IntOverflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Avoiding arithmetic overflow - addition
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Avoiding arithmetic overflow - multiplication
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Dealing with signed/unsigned integer promotion in C
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Safe integer handling in C
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Safe integer handling in C++
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • SafeInt example
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Integer Overflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Integer Overflow in Rust
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Explicitly handling the overflows
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Integer Overflow
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Case study - Android Stagefright
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Stagefright - a quick introduction
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Some Stagefright code examples
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Some Stagefright code examples
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Some Stagefright code examples
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Input validation - Printf format string bug
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Printf format string bug
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Printf format string bug
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Printf format strings
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Printf format string bug - exploitation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Exercise: Printf
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Printf
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Printf
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Printf
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Input Validation - Printf format string problem - best practices
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Mitigation of Printf format string problem
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Printf with warnings
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Print Macros in Rust
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • print! macro
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • println! macro
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Input validation - Some other input validation problems
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Array indexing
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Off-by-one and other null termination errors
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • The Unicode bug
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Input validation - Path traversal vulnerability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Path traversal vulnerability
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Path traversal - weak protections
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Path traversal - best practices
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Input validation - Log forging
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Log forging
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Log forging
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Some other typical problems with log files
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Common coding errors and vulnerabilities - Improper use of security features
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Typical problems related to the use of security features
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Exercise: Weakness of hashed passwords
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Weakness of hashed passwords
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Password management and storage
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Brute forcing
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Special purpose hash algorithms for password storage
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Password management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Argon2 and PBKDF2 implementations in C/C++
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • bcrypt and scrypt implementations in C/C++
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The Ashley Madison data breach
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The Ashley Madison data breach
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • The loginkey token
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Revealing the passwords with brute forcing
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Typical mistakes in password management
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Sensitive info in memory - minimize the attack surface
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Exercise: Hard coded passwords
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Hard coded password
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Improper use of security features - Sensitive information in memory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Protecting secrets in memory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Sensitive info in memory - minimize the attack surface
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Your secrets vs. dynamic memory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Zeroisation
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Zeroisation vs. optimization
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Copies of sensitive data on disk
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Core dumps
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Disabling core dumps
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Swapping
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Memory locking - preventing swapping
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Problems with page locking
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Best practices
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Time and state problems
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Time and state related problems
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Serialization errors
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • TOCTTOU examples
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Exercise: TOCTTOU
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • TOCTTOU 1/3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • TOCTTOU 2/3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • TOCTTOU 3/3
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Best practices against TOCTTOU
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Best practices against TOCTTOU
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Best practices against TOCTTOU
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Principles of security and secure coding
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Principles of security and secure coding
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Matt Bishop's principles of robust programming
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Matt Bishop's principles of robust programming - I
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Matt Bishop's principles of robust programming - II
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • The security principles of Saltzer and Schroeder
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • The security principles of Saltzer and Schroeder - I
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • The security principles of Saltzer and Schroeder - II
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • The security principles of Saltzer and Schroeder - III
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • The security principles of Saltzer and Schroeder - IV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Rust in the industry
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Industry Adoption - Why?
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Government & Security Agencies Support
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Industry Adoption
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Vulnerabilities still exist in Rust
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Vulnerabilities still exist in Rust
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • RUSTSEC-2024-0377
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • RUSTSEC-2024-0377 - Fix
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Knowledge sources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Knowledge sources
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Secure coding sources - a starter kit
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Vulnerability databases
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Recommended books