19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them

This essential book for all software developers--regardless of platform, language, or type of application--outlines the “19 deadly sins” of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins, to write this much-needed book. Coverage includes:
Contents
Spotting the Sin During Code Review
Format String Problems
Affected Languages
Copyright