Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
Secure Coding in C (2019)

Secure Coding in C (2019)

1h 19mAdvanced2019-11-25

Authors

Dan Gookin

Dan Gookin

Creator, Teacher, and Technology Writer with 20+ years of experience

Course details

C lacks some of the safety valves offered by newer programming languages. But while this midlevel language has its weaknesses, writing safe C code is still possible—it just requires extra vigilance on the part of the developer. In this course, instructor Dan Gookin explains how to identify and code around weaknesses in the C programming language to write more secure programs. Many exploits are known regarding C code; this course reviews each one, explaining the vulnerabilities and how to deal with them. Major areas covered include undefined behavior, avoiding awkward constructions, validating input, managing strings, and working with pointers.

Learning objectives
The weaknesses of the C language
Using an assignment as a condition
Avoiding putchar() in a while loop
Confirming when EOF has been read
Authenticating numeric input
Filtering string input
Avoiding bad string assignment
Storing passwords and codes
Clearing data after use
Issues with pointers

Skills covered

CSoftware Development SecurityCybersecurityProgramming LanguagesOpen SourceSoftware DevelopmentDeep Dive (X:Y)

Concepts

0. Introduction

  • 01 - Write better secure C code
  • 02 - Using the exercise files
  • 03 - Compiling the code

1. On the Defensive

  • 04 - Understanding the weaknesses of C
  • 05 - What the bad guys look for
  • 06 - Hunting exploits
  • 07 - Documenting everything

2. Undefined Behaviors

  • 08 - Formatting preprocessor directives
  • 09 - Using an assignment as a condition
  • 10 - Avoiding putchar() in a while loop
  • 11 - Using the system() call
  • 12 - Accessing elements beyond the array size
  • 13 - Converting integers
  • 14 - Looping with floating point values
  • 15 - Using return values
  • 16 - Confirming when EOF has been read
  • 17 - Challenge - Fix the code
  • 18 - Solution - Fix the code

3. Input Validation

  • 19 - Authenticating numeric input
  • 20 - Converting strings to numbers
  • 21 - Using int values instead of char
  • 22 - Reading input with fgets()
  • 23 - Filtering string input
  • 24 - Challenge - Confirming input
  • 25 - Solution - Confirming input

4. String Management

  • 26 - Allocating strings
  • 27 - Avoiding bad string assignment
  • 28 - Working with string literals
  • 29 - Minding string functions
  • 30 - Storing passwords and codes
  • 31 - Clearing data after use
  • 32 - Challenge - The secret code
  • 33 - Solution - The secret code

5. Issues with Pointers

  • 34 - Initializing pointers and buffers
  • 35 - Checking for NULL pointers
  • 36 - Performing pointer math
  • 37 - Freeing pointers
  • 38 - Challenge - Enter the combination
  • 39 - Solution - Enter the combination

Conclusion

  • 40 - Next steps

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal