Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
Secure Coding in C

Secure Coding in C

1h 29mIntermediate2025-03-13

Authors

Dan Gookin

Dan Gookin

Creator, Teacher, and Technology Writer with 20+ years of experience

Course details

This course surveys the C language, which is notorious for having several weaknesses with regards to data typing, bounds checking, and memory management among others. Many of the exploits known regarding C code are reviewed, including weak data typing and overflows. Instructor Dan Gookin explains the vulnerabilities and offers information on how to defensively code around these exploits and vulnerabilities. Other areas covered include undefined behavior, avoiding awkward constructions, validating input, using proper data types, managing strings, memory management, and working with pointers.

Learning objectives
Recognize and defend against known C exploits.
Review the known weaknesses of the C programming language.
Recognize and avoid vulnerabilities when performing common programming tasks.
Write secure and strong C programs.

Skills covered

CSoftware Development SecurityCybersecurityProgramming LanguagesOpen SourceSoftware DevelopmentOne-Off

Concepts

0. Introduction

  • 01 - Is your code safe
  • 02 - Configuration and setup

1. On the Defensive

  • 03 - Understanding C's weaknesses
  • 04 - What the bad guys look for
  • 05 - Hunting exploits
  • 06 - Documenting everything

2. Undefined Behaviors

  • 07 - Formatting preprocessor directives
  • 08 - Using an assignment as a condition
  • 09 - Avoiding putchar() in a while loop
  • 10 - Using the system() call
  • 11 - Accessing elements beyond the array size
  • 12 - Converting integers
  • 13 - Looping with floating point values
  • 14 - Using return values
  • 15 - Confirming when EOF has been read
  • 16 - Challenge - Fix the code
  • 17 - Solution - Fix the code

3. Input Validation

  • 18 - Authenticating numeric input
  • 19 - Converting strings to numbers
  • 20 - Using int values instead of char
  • 21 - Reading input with fgets()
  • 22 - Filtering string input
  • 23 - Challenge - Confirming input
  • 24 - Solution - Confirming input

4. String Management

  • 25 - Allocating strings
  • 26 - Avoiding bad string assignment
  • 27 - Working with string literals
  • 28 - Minding string functions
  • 29 - Storing passwords and codes
  • 30 - Clearing data after use
  • 31 - Challenge - The secret code
  • 32 - Solution - The secret code

5. Issues with Pointers

  • 33 - Initializing pointers and buffers
  • 34 - Checking for NULL pointers
  • 35 - Performing pointer math
  • 36 - Freeing pointers
  • 37 - Challenge - Enter the combination
  • 38 - Solution - Enter the combination

Conclusion

  • 39 - Next steps

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal